Описание
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 247632.
Ссылки
- VDB Entry
- PatchVendor Advisory
- VDB Entry
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 3.0.0 (включая) до 4.1.1.7 (исключая)
Одновременно
cpe:2.3:a:ibm:security_guardium_key_lifecycle_manager:*:*:*:*:*:*:*:*
Одно из
cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.00148
Низкий
8.5 High
CVSS3
8.8 High
CVSS3
Дефекты
CWE-78
Связанные уязвимости
CVSS3: 8.5
github
почти 2 года назад
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 247632.
EPSS
Процентиль: 36%
0.00148
Низкий
8.5 High
CVSS3
8.8 High
CVSS3
Дефекты
CWE-78