Описание
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a user to download files from an incorrect repository due to improper file validation. IBM X-Force ID: 254972.
Ссылки
- VDB EntryVendor Advisory
- PatchVendor Advisory
- VDB EntryVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 10.0.0.0 (включая) до 10.0.6.1 (включая)Версия от 10.0.0.0 (включая) до 10.0.6.1 (включая)
Одно из
cpe:2.3:a:ibm:security_verify_access:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_verify_access_docker:*:*:*:*:*:*:*:*
EPSS
Процентиль: 2%
0.00013
Низкий
6.2 Medium
CVSS3
5.5 Medium
CVSS3
Дефекты
CWE-345
Связанные уязвимости
CVSS3: 6.2
github
около 2 лет назад
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a user to download files from an incorrect repository due to improper file validation. IBM X-Force ID: 254972.
EPSS
Процентиль: 2%
0.00013
Низкий
6.2 Medium
CVSS3
5.5 Medium
CVSS3
Дефекты
CWE-345