CVE-2024-35140

Опубликовано: 31 мая 2024

Источник: nvd

CVSS3: 7.7

CVSS3: 7.8

EPSS Низкий

Описание

IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate their privileges due to improper certificate validation. IBM X-Force ID: 292416.

Ссылки

https://exchange.xforce.ibmcloud.com/vulnerabilities/292416
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/7155356
Vendor Advisory
http://seclists.org/fulldisclosure/2024/Nov/0
https://exchange.xforce.ibmcloud.com/vulnerabilities/292416
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/7155356
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ibm:security_verify_access_docker:*:*:*:*:*:*:*:*

Версия от 10.0.0 (включая) до 10.0.7 (исключая)

EPSS

Процентиль: 14%

0.00046

Низкий

7.7 High

CVSS3

7.8 High

CVSS3

Дефекты

CWE-295

Связанные уязвимости

GHSA-vqvm-4fm4-4h2w

CVSS3: 7.7

github

больше 1 года назад

IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate their privileges due to improper certificate validation. IBM X-Force ID: 292416.

EPSS

Процентиль: 14%

0.00046

Низкий

7.7 High

CVSS3

7.8 High

CVSS3

Дефекты

CWE-295