CVE-2017-1352

Sažetak

IBM Maximo Asset Management 7.5 and 7.6 could allow an authenticated user to inject commands into work orders that could be executed by another user that downloads the affected file. IBM X-Force ID: 126538.

Reference

http://www.ibm.com/support/docview.wss?uid=swg22006650
http://www.securityfocus.com/bid/100697
https://exchange.xforce.ibmcloud.com/vulnerabilities/126538

CVSS

Base:	6.0
Impact:	6.4
Exploitability:	6.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:M/Au:S/C:P/I:P/A:P

Zadnje važnije ažuriranje

21-09-2017 - 18:38

Objavljeno

12-09-2017 - 21:29