CVE-2022-43855

Опубликовано: 08 мар. 2024

Источник: nvd

CVSS3: 6.2

CVSS3: 5.5

EPSS Низкий

Описание

IBM SPSS Statistics 26.0, 27.0.1, and 28.0 IO Module could allow a local user to create multiple files that could exhaust the file handles capacity and cause a denial of service.

Ссылки

https://www.ibm.com/support/pages/node/7130881
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/239235
Vendor Advisory
https://www.ibm.com/support/pages/node/7130881
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:spss_statistics:26.0.0.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:spss_statistics:27.0.1.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:spss_statistics:28.0.0.0:*:*:*:*:*:*:*

EPSS

Процентиль: 1%

0.00011

Низкий

6.2 Medium

CVSS3

5.5 Medium

CVSS3

Дефекты

CWE-399

NVD-CWE-noinfo

Связанные уязвимости

GHSA-ww23-hvpx-hvvc

CVSS3: 6.2

github

почти 2 года назад

IBM SPSS Statistics 26.0, 27.0.1, and 28.0 could allow a local user to create multiple files that could exhaust the file handles capacity and cause a denial of service. IBM X-Force ID: 230235.

EPSS

Процентиль: 1%

0.00011

Низкий

6.2 Medium

CVSS3

5.5 Medium

CVSS3

Дефекты

CWE-399

NVD-CWE-noinfo