Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2022-34357

Опубликовано: 26 фев. 2024
Источник: nvd
CVSS3: 6.5
EPSS Низкий

Описание

IBM Cognos Analytics Mobile Server 11.1.7, 11.2.4, and 12.0.0 is vulnerable to Denial of Service due to due to weak or absence of rate limiting. By making unlimited http requests, it is possible for a single user to exhaust server resources over a period of time making service unavailable for other legitimate users. IBM X-Force ID: 230510.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:ibm:cognos_analytics:*:*:*:*:*:*:*:*
Версия от 11.1.1 (включая) до 11.1.7 (исключая)
cpe:2.3:a:ibm:cognos_analytics:*:*:*:*:*:*:*:*
Версия от 11.2.0 (включая) до 11.2.4 (исключая)
cpe:2.3:a:ibm:cognos_analytics:11.1.7:-:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_analytics:11.1.7:fixpack1:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_analytics:11.1.7:fixpack2:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_analytics:11.1.7:fixpack3:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_analytics:11.1.7:fixpack4:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_analytics:11.1.7:fixpack5:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_analytics:11.1.7:fixpack6:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_analytics:11.1.7:fixpack7:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_analytics:11.2.4:-:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_analytics:11.2.4:fixpack1:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_analytics:11.2.4:fixpack2:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_analytics:12.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:cognos_analytics:12.0.1:*:*:*:*:*:*:*

EPSS

Процентиль: 22%
0.00072
Низкий

6.5 Medium

CVSS3

Дефекты

CWE-770

Связанные уязвимости

github логотип

GHSA-273x-mxvr-9vx2

CVSS3: 6.5
github
больше 1 года назад

IBM Cognos Analytics Mobile Server 11.1.7, 11.2.4, and 12.0.0 is vulnerable to Denial of Service due to due to weak or absence of rate limiting. By making unlimited http requests, it is possible for a single user to exhaust server resources over a period of time making service unavailable for other legitimate users. IBM X-Force ID: 230510.

EPSS

Процентиль: 22%
0.00072
Низкий

6.5 Medium

CVSS3

Дефекты

CWE-770