CVE-2023-38372

Опубликовано: 29 фев. 2024

Источник: nvd

CVSS3: 5.9

CVSS3: 7.5

EPSS Низкий

Описание

An unauthorized attacker who has obtained an IBM Watson IoT Platform 1.0 security authentication token can use it to impersonate an authorized platform user. IBM X-Force ID: 261201.

Ссылки

https://exchange.xforce.ibmcloud.com/vulnerabilities/261201
Vendor Advisory
https://www.ibm.com/support/pages/node/7020635
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/261201
Vendor Advisory
https://www.ibm.com/support/pages/node/7020635
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ibm:watson_iot_platform:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 19%

0.0006

Низкий

5.9 Medium

CVSS3

7.5 High

CVSS3

Дефекты

CWE-287

NVD-CWE-noinfo

Связанные уязвимости

GHSA-73mf-287p-8r8c

CVSS3: 5.9

github

почти 2 года назад

An unauthorized attacker who has obtained an IBM Watson IoT Platform 1.0 security authentication token can use it to impersonate an authorized platform user. IBM X-Force ID: 261201.

EPSS

Процентиль: 19%

0.0006

Низкий

5.9 Medium

CVSS3

7.5 High

CVSS3

Дефекты

CWE-287

NVD-CWE-noinfo