7.2
CVE-2022-33166
- EPSS 0.06%
- Veröffentlicht 15.06.2023 03:15:10
- Zuletzt bearbeitet 21.11.2024 07:07:38
- Quelle psirt@us.ibm.com
- Teams Watchlist Login
- Unerledigt Login
IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 could allow a privileged user to upload malicious files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 228586.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Security Directory Suite Va Version >= 8.0.1 <= 8.0.1.19
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.06% | 0.142 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 1.2 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
| psirt@us.ibm.com | 7.2 | 1.2 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
CWE-434 Unrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.