Описание
IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 could disclose sensitive IP address information to authenticated users in responses that could be used in further attacks against the system.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ibm:sterling_connect_direct_web_services:6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:sterling_connect_direct_web_services:6.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:sterling_connect_direct_web_services:6.2.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:sterling_connect_direct_web_services:6.3.0:*:*:*:*:*:*:*
EPSS
Процентиль: 41%
0.00193
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-201
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 4.3
github
около 1 года назад
IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 could disclose sensitive IP address information to authenticated users in responses that could be used in further attacks against the system.
EPSS
Процентиль: 41%
0.00193
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-201
NVD-CWE-noinfo