Описание
IBM Security SOAR 51.0.1.0 and earlier contains a mechanism for users to recover or change their passwords without knowing the original password, but the user account must be compromised prior to the weak recovery mechanism.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 51.0.2.0 (исключая)
cpe:2.3:a:ibm:soar:*:*:*:*:*:*:*:*
EPSS
Процентиль: 10%
0.00035
Низкий
5.6 Medium
CVSS3
8.1 High
CVSS3
Дефекты
CWE-640
Связанные уязвимости
CVSS3: 5.6
github
около 1 года назад
IBM Security SOAR 51.0.1.0 and earlier contains a mechanism for users to recover or change their passwords without knowing the original password, but the user account must be compromised prior to the weak recovery mechanism.
EPSS
Процентиль: 10%
0.00035
Низкий
5.6 Medium
CVSS3
8.1 High
CVSS3
Дефекты
CWE-640