7.4
CVE-2015-5039
- EPSS 0.13%
- Veröffentlicht 26.03.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 02:32:12
- Quelle psirt@us.ibm.com
- Teams Watchlist Login
- Unerledigt Login
The Remote Client and change management integrations in IBM Rational ClearCase 7.1.x, 8.0.0.x before 8.0.0.18, and 8.0.1.x before 8.0.1.11 do not properly validate hostnames in X.509 certificates from SSL servers, which allows remote attackers to spoof servers and obtain sensitive information or modify network traffic via a crafted certificate. IBM X-Force ID: 106715.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Rational Clearcase Version >= 7.1 <= 7.1.2.16
Ibm ≫ Rational Clearcase Version > 8.0 <= 8.0.0.17
Ibm ≫ Rational Clearcase Version >= 8.0.1 <= 8.0.1.10
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.13% | 0.295 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.4 | 2.2 | 5.2 |
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
|
| nvd@nist.gov | 5.8 | 8.6 | 4.9 |
AV:N/AC:M/Au:N/C:P/I:P/A:N
|