CVE-2024-27261

Опубликовано: 12 апр. 2024

Источник: nvd

CVSS3: 6.4

CVSS3: 6.8

EPSS Низкий

Описание

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.2 could allow a privileged user to install a potentially dangerous tar file, which could give them access to subsequent systems where the package was installed. IBM X-Force ID: 283986.

Ссылки

https://exchange.xforce.ibmcloud.com/vulnerabilities/283986
Vendor Advisory
https://www.ibm.com/support/pages/node/7148023
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/283986
Vendor Advisory
https://www.ibm.com/support/pages/node/7148023
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:ibm:storage_defender_resiliency_service:*:*:*:*:*:*:*:*

Версия от 2.0 (включая) до 2.0.3 (исключая)

cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

EPSS

Процентиль: 9%

0.00033

Низкий

6.4 Medium

CVSS3

6.8 Medium

CVSS3

Дефекты

CWE-749

NVD-CWE-Other

Связанные уязвимости

GHSA-c2c7-3m88-9jm2

CVSS3: 6.4

github

почти 2 года назад

EPSS

Процентиль: 9%

0.00033

Низкий

6.4 Medium

CVSS3

6.8 Medium

CVSS3

Дефекты

CWE-749

NVD-CWE-Other