Lucene search
IbmCVE-2015-0126HistoryJun 28, 2015 - 10:59 p.m.
CVE-2015-0126
2015-06-2822:59:04
ibm
web.nvd.nist.gov
18
ibm
leads
remote
authentication
file-upload
restrictions
bypass
cve-2015-0126
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
6.2
Confidence
Low
EPSS
0.002
Percentile
61.5%
IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, 8.6.0 before 8.6.0.8.1, 9.0.0 through 9.0.0.4, 9.1.0 before 9.1.0.6.1, and 9.1.1 before 9.1.1.0.2 allows remote authenticated users to bypass intended file-upload restrictions via a modified extension.
Affected configurations
Node
ibmleadsMatch7.1.0
ORibmleadsMatch7.1.1
ORibmleadsMatch7.5.0
ORibmleadsMatch8.1.0
ORibmleadsMatch8.2.0
ORibmleadsMatch8.5.0
ORibmleadsMatch8.6.0
ORibmleadsMatch9.0.0
ORibmleadsMatch9.1.0
ORibmleadsMatch9.1.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | leads | 7.1.0 | cpe:2.3:a:ibm:leads:7.1.0:*:*:*:*:*:*:* |
| ibm | leads | 7.1.1 | cpe:2.3:a:ibm:leads:7.1.1:*:*:*:*:*:*:* |
| ibm | leads | 7.5.0 | cpe:2.3:a:ibm:leads:7.5.0:*:*:*:*:*:*:* |
| ibm | leads | 8.1.0 | cpe:2.3:a:ibm:leads:8.1.0:*:*:*:*:*:*:* |
| ibm | leads | 8.2.0 | cpe:2.3:a:ibm:leads:8.2.0:*:*:*:*:*:*:* |
| ibm | leads | 8.5.0 | cpe:2.3:a:ibm:leads:8.5.0:*:*:*:*:*:*:* |
| ibm | leads | 8.6.0 | cpe:2.3:a:ibm:leads:8.6.0:*:*:*:*:*:*:* |
| ibm | leads | 9.0.0 | cpe:2.3:a:ibm:leads:9.0.0:*:*:*:*:*:*:* |
| ibm | leads | 9.1.0 | cpe:2.3:a:ibm:leads:9.1.0:*:*:*:*:*:*:* |
| ibm | leads | 9.1.1 | cpe:2.3:a:ibm:leads:9.1.1:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2015-0126
2015-06-28 22:00:00
prion
prion
Design/Logic Flaw
2015-06-28 22:59:00
nvd
nvd
CVE-2015-0126
2015-06-28 22:59:04
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
6.2
Confidence
Low
EPSS
0.002
Percentile
61.5%
Related for CVE-2015-0126