6.2
CVE-2023-32329
- EPSS 0.01%
- Veröffentlicht 03.02.2024 01:15:08
- Zuletzt bearbeitet 03.11.2025 22:16:21
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
LoginIBM Security Access Manager Container improper file validation
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a user to download files from an incorrect repository due to improper file validation. IBM X-Force ID: 254972.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Security Verify Access Version >= 10.0.0.0 <= 10.0.6.1
Ibm ≫ Security Verify Access Docker Version >= 10.0.0.0 <= 10.0.6.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.01% | 0.016 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
|
| psirt@us.ibm.com | 6.2 | 2.5 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
|
CWE-345 Insufficient Verification of Data Authenticity
The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.