返回 CVE 瀏覽器

CVE-2017-1407

HIGH

8.8

CVSS Severity Score

EPSS Score0.0360%

EPSS Percentile5.81th

Published2017年9月28日

Last Modified2026年5月13日

Vulnerability Description

IBM Security Identity Manager Virtual Appliance 6.0 and 7.0 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 127394.

Affected Platforms (CPE)

📦

Ibm

Security Identity Governance And Intelligence

= 5.2.0

📦

Ibm

Security Identity Governance And Intelligence

= 5.2.1

📦

Ibm

Security Identity Manager

= 6.0.0.0

📦

Ibm

Security Identity Manager

= 7.0.0.0

📦

Ibm

Security Privileged Identity Manager

= 2.0.0

📦

Ibm

Security Privileged Identity Manager

= 2.0.1

📦

Ibm

Security Privileged Identity Manager

= 2.0.2

References & Advisories

🔗 http://www.ibm.com/support/docview.wss?uid=swg22007377

🔗 http://www.securityfocus.com/bid/101015

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/127394

🔗 http://www.ibm.com/support/docview.wss?uid=swg22007377

🔗 http://www.securityfocus.com/bid/101015

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/127394

相關漏洞威脅

CVE-2020-49589.8

IBM Security Identity Governance and Intelligence 5.2.6 does not perform any authentication for functionality that requires a prov...

CVE-2020-47958.2

IBM Security Identity Governance and Intelligence 5.2.6 could disclose sensitive information to an unauthorized user using a speci...

CVE-2018-17567.5

IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 is vulnerable to SQL injection. A remote attacker could send s...

CVE-2020-42327.5

IBM Security Identity Governance and Intelligence 5.2.6 could allow an attacker to enumerate usernames to find valid login credent...