Lucene search
HistoryJun 28, 2015 - 10:59 p.m.
CVE-2015-0126
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
6
Confidence
Low
EPSS
0.002
Percentile
61.5%
IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, 8.6.0 before 8.6.0.8.1, 9.0.0 through 9.0.0.4, 9.1.0 before 9.1.0.6.1, and 9.1.1 before 9.1.1.0.2 allows remote authenticated users to bypass intended file-upload restrictions via a modified extension.
Affected configurations
Node
ibmleadsMatch7.1.0
ORibmleadsMatch7.1.1
ORibmleadsMatch7.5.0
ORibmleadsMatch8.1.0
ORibmleadsMatch8.2.0
ORibmleadsMatch8.5.0
ORibmleadsMatch8.6.0
ORibmleadsMatch9.0.0
ORibmleadsMatch9.1.0
ORibmleadsMatch9.1.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | leads | 7.1.0 | cpe:2.3:a:ibm:leads:7.1.0:*:*:*:*:*:*:* |
| ibm | leads | 7.1.1 | cpe:2.3:a:ibm:leads:7.1.1:*:*:*:*:*:*:* |
| ibm | leads | 7.5.0 | cpe:2.3:a:ibm:leads:7.5.0:*:*:*:*:*:*:* |
| ibm | leads | 8.1.0 | cpe:2.3:a:ibm:leads:8.1.0:*:*:*:*:*:*:* |
| ibm | leads | 8.2.0 | cpe:2.3:a:ibm:leads:8.2.0:*:*:*:*:*:*:* |
| ibm | leads | 8.5.0 | cpe:2.3:a:ibm:leads:8.5.0:*:*:*:*:*:*:* |
| ibm | leads | 8.6.0 | cpe:2.3:a:ibm:leads:8.6.0:*:*:*:*:*:*:* |
| ibm | leads | 9.0.0 | cpe:2.3:a:ibm:leads:9.0.0:*:*:*:*:*:*:* |
| ibm | leads | 9.1.0 | cpe:2.3:a:ibm:leads:9.1.0:*:*:*:*:*:*:* |
| ibm | leads | 9.1.1 | cpe:2.3:a:ibm:leads:9.1.1:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2015-0126
2015-06-28 22:59:04
cvelist
cvelist
CVE-2015-0126
2015-06-28 22:00:00
prion
prion
Design/Logic Flaw
2015-06-28 22:59:00
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
6
Confidence
Low
EPSS
0.002
Percentile
61.5%
Related for NVD:CVE-2015-0126