CVE-2016-0701
In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Berechtigungen.
EPSS 27.48% · 96.5th percentile
Risk Scores
Exploit Intelligence
- Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
- Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
- Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
- Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
- Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
- Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
- Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
- Using Struts2 and PowerShell to recreate CVE-2017-5638 OGNL Injection vulnerability. (github-poc)
- Using Struts2 and PowerShell to recreate CVE-2017-5638 OGNL Injection vulnerability. (github-poc)
- Using Struts2 and PowerShell to recreate CVE-2017-5638 OGNL Injection vulnerability. (github-poc)
…and 630 more exploits
Timeline
- CVE Published
- Mar 28, 2016 PoC Published
- Oct 2, 2020 PoC Published
- Nov 6, 2020 PoC Published
- Sep 6, 2021 PoC Published
- Feb 4, 2022 EPSS Score
- Oct 9, 2024 PoC Published
- Dec 5, 2024 EPSS Score
- Dec 12, 2024 PoC Published
- Mar 17, 2025 EPSS Score
- Mar 20, 2025 EPSS Score
- Mar 23, 2025 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1594.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1594 advisory
- https://www.ibm.com/support/pages/node/885316 advisory
- https://www.ibm.com/support/pages/node/884276 advisory
- https://www.ibm.com/support/pages/node/883428 advisory
- https://www.ibm.com/support/pages/node/883424 advisory
- https://www.ibm.com/support/pages/node/882926 advisory
- https://www.ibm.com/support/pages/node/882898 advisory
- https://www.ibm.com/support/pages/node/882888 advisory
- https://www.ibm.com/support/pages/node/880403 advisory
- https://www.ibm.com/support/pages/node/880401 advisory
- https://www.ibm.com/support/pages/node/880395 advisory
- https://www.ibm.com/support/pages/node/879855 advisory
- https://www.ibm.com/support/pages/node/879841 advisory
- https://www.ibm.com/support/pages/node/870546 advisory
- https://www.ibm.com/support/pages/node/870526 advisory
- https://www.ibm.com/support/pages/node/870508 advisory
- https://www.ibm.com/support/pages/node/870504 advisory
- https://www.ibm.com/support/pages/node/870500 advisory
- https://www.ibm.com/support/pages/node/870498 advisory
…and 34 more