CVE-2022-34357

Sažetak

IBM Cognos Analytics Mobile Server 11.1.7, 11.2.4, and 12.0.0 is vulnerable to Denial of Service due to due to weak or absence of rate limiting. By making unlimited http requests, it is possible for a single user to exhaust server resources over a period of time making service unavailable for other legitimate users. IBM X-Force ID: 230510.

Reference

https://exchange.xforce.ibmcloud.com/vulnerabilities/230510
https://security.netapp.com/advisory/ntap-20240405-0001/
https://security.netapp.com/advisory/ntap-20240621-0006/
https://www.ibm.com/support/pages/node/7123154
https://exchange.xforce.ibmcloud.com/vulnerabilities/230510
https://security.netapp.com/advisory/ntap-20240405-0001/
https://security.netapp.com/advisory/ntap-20240621-0006/
https://www.ibm.com/support/pages/node/7123154

CVSS

Base:	6.5
Impact:	3.6
Exploitability:	2.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	LOW

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	HIGH

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Zadnje važnije ažuriranje

17-12-2024 - 16:49

Objavljeno

26-02-2024 - 16:27