| |
Vulnerability CVE-2017-1265
Published: 2018-12-17
Description: |
IBM Security Guardium 10.0, 10.0.1, 10.1, 10.1.2, 10.1.3, 10.1.4, and 10.5 does not validate, or incorrectly validates, a certificate. This weakness might allow an attacker to spoof a trusted entity by using a man-in-the-middle (MITM) techniques. IBM X-Force ID: 124740. |
Type:
CWE-295 (Certificate Issues)
CVSS2 => (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
4.3/10 |
2.9/10 |
8.6/10 |
Exploit range |
Attack complexity |
Authentication |
Remote |
Medium |
No required |
Confidentiality impact |
Integrity impact |
Availability impact |
None |
Partial |
None |
References: |
http://www.securityfocus.com/bid/106234
https://exchange.xforce.ibmcloud.com/vulnerabilities/124740
https://www.ibm.com/support/docview.wss?uid=swg22014229
|
|
|
Copyright 2024, cxsecurity.com
|
|
|