Описание
IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 214616.
Ссылки
- VDB EntryVendor Advisory
- PatchVendor Advisory
- VDB EntryVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 10.1.0 (включая) до 10.1.9 (исключая)
Одновременно
cpe:2.3:a:ibm:spectrum_protect_plus:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
EPSS
Процентиль: 32%
0.00121
Низкий
4.2 Medium
CVSS3
8.1 High
CVSS3
5.5 Medium
CVSS2
Дефекты
CWE-918
Связанные уязвимости
github
около 4 лет назад
IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 214616.
EPSS
Процентиль: 32%
0.00121
Низкий
4.2 Medium
CVSS3
8.1 High
CVSS3
5.5 Medium
CVSS2
Дефекты
CWE-918