CVE-2022-22392

Опубликовано: 25 апр. 2022

Источник: nvd

CVSS3: 6.8

CVSS3: 7.8

CVSS2: 6.8

EPSS Низкий

Описание

IBM Planning Analytics Local 2.0 could allow an attacker to upload arbitrary executable files which, when executed by an unsuspecting victim could result in code execution. IBM X-Force ID: 222066.

Ссылки

https://exchange.xforce.ibmcloud.com/vulnerabilities/222066
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/6574003
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/222066
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/6574003
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ibm:planning_analytics_workspace:2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 48%

0.00247

Низкий

6.8 Medium

CVSS3

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-434

Связанные уязвимости

GHSA-8973-w8wf-mxh6

CVSS3: 7.8

github

почти 4 года назад

IBM Planning Analytics Local 2.0 could allow an attacker to upload arbitrary executable files which, when executed by an unsuspecting victim could result in code execution. IBM X-Force ID: 222066.

EPSS

Процентиль: 48%

0.00247

Низкий

6.8 Medium

CVSS3

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-434