Lucene search
HistoryJul 18, 2022 - 6:15 p.m.
CVE-2021-38868
ibm
engineering requirements
cross-site request forgery
unauthorized actions
x-force
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
20.0%
IBM Engineering Requirements Quality Assistant On-Premises (All versions) is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force Id: 208310.
Affected configurations
Node
ibmengineering_requirements_quality_assistant_on-premises
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | engineering_requirements_quality_assistant_on-premises | * | cpe:2.3:a:ibm:engineering_requirements_quality_assistant_on-premises:*:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2021-38868
2022-07-18 18:15:08
prion
prion
Cross site request forgery (csrf)
2022-07-18 18:15:00
cnvd
cnvd
IBM Engineering Requirements Quality Assistant跨站请求伪造漏洞
2022-07-20 00:00:00
cvelist
cvelist
CVE-2021-38868
2022-07-18 17:00:34
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
20.0%
Related for NVD:CVE-2021-38868