CyberSec.Space Logo
返回 CVE 浏览器

CVE-2018-1756

HIGH
7.5
CVSS Severity Score
EPSS Score0.0870%
EPSS Percentile24.46th
Published2018年9月7日
Last Modified2024年11月21日

Vulnerability Description

IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, information in the back-end database. IBM X-Force ID: 148599.

Affected Platforms (CPE)

📦
Ibm

Security Identity Governance And Intelligence

= 5.2.3.2
📦
Ibm

Security Identity Governance And Intelligence

= 5.2.4

References & Advisories

🔗 http://www.ibm.com/support/docview.wss?uid=ibm10728883
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/148599
🔗 https://www.exploit-db.com/exploits/45392/
🔗 http://www.ibm.com/support/docview.wss?uid=ibm10728883
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/148599
🔗 https://www.exploit-db.com/exploits/45392/

相关漏洞威胁

CVE-2020-49589.8

IBM Security Identity Governance and Intelligence 5.2.6 does not perform any authentication for functionality that requires a prov...

CVE-2020-47958.2

IBM Security Identity Governance and Intelligence 5.2.6 could disclose sensitive information to an unauthorized user using a speci...

CVE-2020-42327.5

IBM Security Identity Governance and Intelligence 5.2.6 could allow an attacker to enumerate usernames to find valid login credent...

CVE-2020-42457.5

IBM Security Identity Governance and Intelligence 5.2.6 does not require that users should have strong passwords by default, which...