Lucene search

[email protected]NVD:CVE-2024-41773

HistoryAug 20, 2024 - 8:15 p.m.

CVE-2024-41773

2024-08-2020:15:08

CWE-708

[email protected]

web.nvd.nist.gov

ibm

configuration management

global baseline

improper access controls

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

16.8%

JSON

IBM Global Configuration Management 7.0.2 and 7.0.3 could allow an authenticated user to archive a global baseline due to improper access controls.

Affected configurations

Nvd

Node

ibmglobal_configuration_managementMatch7.0.2

ibmglobal_configuration_managementMatch7.0.3

VendorProductVersionCPE
ibmglobal_configuration_management7.0.2cpe:2.3:a:ibm:global_configuration_management:7.0.2:*:*:*:*:*:*:*
ibmglobal_configuration_management7.0.3cpe:2.3:a:ibm:global_configuration_management:7.0.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	global_configuration_management	7.0.2	cpe:2.3:a:ibm:global_configuration_management:7.0.2:::::::*
ibm	global_configuration_management	7.0.3	cpe:2.3:a:ibm:global_configuration_management:7.0.3:::::::*

References

exchange.xforce.ibmcloud.com/vulnerabilities/350347

www.ibm.com/support/pages/node/7165963

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

16.8%

JSON

Related for NVD:CVE-2024-41773

ibm1 cve1 cvelist1 vulnrichment1