Описание
IBM Jazz Foundation 7.0.2 to 7.0.2 iFix035, 7.0.3 to 7.0.3 iFix018, and 7.1.0 to 7.1.0 iFix004 could allow an unauthenticated remote attacker to update server property files that would allow them to perform unauthorized actions.
Ссылки
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ibm:jazz_foundation:7.0.2:-:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix001:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix002:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix003:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix004:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix005:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix006:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix007:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix008a:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix009:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix010:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix011:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix012:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix013:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix014:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix016:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix017:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix018:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix020a:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix021:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix022:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix023:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix024:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix025:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix026a:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix027:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix028:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix029:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix030:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix031:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix032:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix033:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix034:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix035:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.3:-:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix001:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix002:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix003:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix004:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix005:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix006:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix007:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix008:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix009:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix010:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix011:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix012:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix013:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix014:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix015:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix016:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix017:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix018:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.1.0:-:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.1.0:ifix001:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.1.0:ifix002:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.1.0:ifix003:*:*:*:*:*:*
cpe:2.3:a:ibm:jazz_foundation:7.1.0:ifix004:*:*:*:*:*:*
EPSS
Процентиль: 21%
0.0007
Низкий
9.8 Critical
CVSS3
9.1 Critical
CVSS3
Дефекты
CWE-863
Связанные уязвимости
CVSS3: 9.8
github
6 месяцев назад
IBM Jazz Foundation 7.0.2 to 7.0.2 iFix035, 7.0.3 to 7.0.3 iFix018, and 7.1.0 to 7.1.0 iFix004 could allow an unauthenticated remote attacker to update server property files that would allow them to perform unauthorized actions.
CVSS3: 9.8
fstec
5 месяцев назад
Уязвимость интегрированной среды для управления жизненным циклом разработки IBM Jazz Foundation, связанная с некорректной авторизацией, позволяющая нарушителю получить доступ к конфиденциальной информации
EPSS
Процентиль: 21%
0.0007
Низкий
9.8 Critical
CVSS3
9.1 Critical
CVSS3
Дефекты
CWE-863