exploitDog

CVE-2021-38999

Опубликовано: 30 нояб. 2021

Источник: nvd

CVSS3: 5.1

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

IBM MQ Appliance could allow a local attacker to obtain sensitive information by inclusion of sensitive data within trace.

Ссылки

https://exchange.xforce.ibmcloud.com/vulnerabilities/213214
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/6519418
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/213214
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/6519418
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:mq_appliance:9.2.0.0:*:*:*:continuous_delivery:*:*:*

cpe:2.3:a:ibm:mq_appliance:9.2.0.0:*:*:*:lts:*:*:*

EPSS

Процентиль: 12%

0.0004

Низкий

5.1 Medium

CVSS3

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-2x6g-9jmv-rxr5

github

около 4 лет назад

IBM MQ Appliance could allow a local attacker to obtain sensitive information by inclusion of sensitive data within trace.

EPSS

Процентиль: 12%

0.0004

Низкий

5.1 Medium

CVSS3

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-200