6

CVE-2012-0729

Unrestricted file upload vulnerability in IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 allows remote authenticated users to execute arbitrary ASP.NET code by uploading a .aspx file, and then accessing it via unspecified vectors.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmRational Appscan Version5.2 Editionenterprise
IbmRational Appscan Version5.4 Editionenterprise
IbmRational Appscan Version5.5.0 Editionenterprise
IbmRational Appscan Version5.5.0.1 Editionenterprise
IbmRational Appscan Version5.5.0.2 Editionenterprise
IbmRational Appscan Version5.6.0 Editionenterprise
IbmRational Appscan Version5.6.0.3 Editionenterprise
IbmRational Appscan Version8.0.0 Editionenterprise
IbmRational Appscan Version8.0.0.1 Editionenterprise
IbmRational Appscan Version8.0.0.2 Editionenterprise
IbmRational Appscan Version8.0.0.3 Editionenterprise
IbmRational Appscan Version8.0.1 Editionenterprise
IbmRational Appscan Version8.0.1.1 Editionenterprise
IbmRational Appscan Version8.5.0 Editionenterprise
IbmRational Appscan Version8.5.0.0 Editionenterprise
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.48% 0.623
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6 6.8 6.4
AV:N/AC:M/Au:S/C:P/I:P/A:P