CVE-2017-1326

Sažetak

IBM Sterling File Gateway does not properly restrict user requests based on permission level. This allows for users to update data related to other users, by manipulating the parameters passed in the POST request. IBM X-Force ID: 126060.

Reference

http://www.ibm.com/support/docview.wss?uid=swg22004274
http://www.securityfocus.com/bid/99183
https://exchange.xforce.ibmcloud.com/vulnerabilities/126060

CVSS

Base:	4.0
Impact:	2.9
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:L/Au:S/C:N/I:P/A:N

Zadnje važnije ažuriranje

03-10-2019 - 00:03

Objavljeno

22-06-2017 - 18:29