Описание
IBM Content Navigator 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.10, 3.0.11, and 3.0.12 is vulnerable to missing authorization and could allow an authenticated user to load external plugins and execute code. IBM X-Force ID: 238805.
Ссылки
- VDB EntryVendor Advisory
- PatchVendor Advisory
- VDB EntryVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 3.0.0 (включая) до 3.0.12 (включая)
cpe:2.3:a:ibm:content_navigator:*:*:*:*:*:*:*:*
EPSS
Процентиль: 59%
0.00386
Низкий
7.5 High
CVSS3
8.8 High
CVSS3
Дефекты
CWE-119
CWE-862
Связанные уязвимости
CVSS3: 8.8
github
около 3 лет назад
IBM Content Navigator 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.10, 3.0.11, and 3.0.12 is vulnerable to missing authorization and could allow an authenticated user to load external plugins and execute code. IBM X-Force ID: 238805.
EPSS
Процентиль: 59%
0.00386
Низкий
7.5 High
CVSS3
8.8 High
CVSS3
Дефекты
CWE-119
CWE-862