Описание
IBM SPSS Modeler on Windows 17.0, 18.0, 18.2.2, 18.3, 18.4, and 18.5 requires the end user to have access to the server SSL key which could allow a local user to decrypt and obtain sensitive information. IBM X-Force ID: 256117.
Ссылки
- VDB EntryVendor Advisory
- Broken LinkPatchVendor Advisory
- VDB EntryVendor Advisory
- Broken LinkPatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:a:ibm:spss_modeler:17.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:spss_modeler:18.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:spss_modeler:18.2.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:spss_modeler:18.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:spss_modeler:18.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:spss_modeler:18.5:*:*:*:*:*:*:*
Одно из
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
EPSS
Процентиль: 5%
0.00022
Низкий
6.2 Medium
CVSS3
5.5 Medium
CVSS3
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 6.2
github
больше 2 лет назад
IBM SPSS Modeler on Windows 17.0, 18.0, 18.2.2, 18.3, 18.4, and 18.5 requires the end user to have access to the server SSL key which could allow a local user to decrypt and obtain sensitive information. IBM X-Force ID: 256117.
EPSS
Процентиль: 5%
0.00022
Низкий
6.2 Medium
CVSS3
5.5 Medium
CVSS3
Дефекты
NVD-CWE-noinfo