CVE-2017-1453

CWE-78OS Command Injection4 documents4 sources
Severity
8.8HIGH
EPSS
5.0%
top 10.32%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Security Access ManagerIBM Security Access Manager 9.0 Firmware
Timeline
PublishedNov 13
Latest updateMay 13

Description

IBM Security Access Manager Appliance 9.0.3 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 128372.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-xmqw-3rv2-c2hm: IBM Security Access Manager Appliance 92022-05-13
CVEList
CVE-2017-1453: IBM Security Access Manager Appliance 92017-11-13

💥Exploits & PoCs

1
Exploit-DB
Artifex MuPDF mujstest 1.10a - Null Pointer Dereference2017-02-17
CVE-2017-1453 (HIGH CVSS 8.8) | IBM Security Access Manager Applian | cvebase.io