VDB
CVE-2025-5878
CVE-2025-5878
PUBLISHED
CVSS 9.300000190734863 CRITICAL
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.
EPSS 0.63% · 70.6th percentile
Risk Scores
CVSS 4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
EPSS Score
0.63%
70.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| IBM | Cloud Pak | |
| IBM | Sterling | |
| IBM | WebSphere |
Exploit Intelligence
- 针对ESAPI 的ESAPI.encoder().encodeForSQL()方法,OracleCodec对象的sql 时间盲注利用 (github-poc-repo)
- 针对ESAPI 的ESAPI.encoder().encodeForSQL()方法,OracleCodec对象的sql 时间盲注利用 (github-poc-repo)
- 针对ESAPI 的ESAPI.encoder().encodeForSQL()方法,OracleCodec对象的sql 时间盲注利用 (github-poc-repo)
- 针对ESAPI 的ESAPI.encoder().encodeForSQL()方法,OracleCodec对象的sql 时间盲注利用 (github-poc-repo)
- 针对ESAPI 的ESAPI.encoder().encodeForSQL()方法,OracleCodec对象的sql 时间盲注利用 (github-poc-repo)
- 针对ESAPI 的ESAPI.encoder().encodeForSQL()方法,OracleCodec对象的sql 时间盲注利用 (github-poc-repo)
- 针对ESAPI 的ESAPI.encoder().encodeForSQL()方法,OracleCodec对象的sql 时间盲注利用 (github-poc-repo)
- 针对ESAPI 的ESAPI.encoder().encodeForSQL()方法,OracleCodec对象的sql 时间盲注利用 (github-poc-repo)
- 针对ESAPI 的ESAPI.encoder().encodeForSQL()方法,OracleCodec对象的sql 时间盲注利用 (github-poc)
- 针对ESAPI 的ESAPI.encoder().encodeForSQL()方法,OracleCodec对象的sql 时间盲注利用 (github-poc)
…and 13 more exploits
Timeline
- Jun 29, 2025 EPSS Score
- Jun 29, 2025 CVE Published
- Jul 9, 2025 EPSS Score
- Jul 19, 2025 EPSS Score
- Jul 28, 2025 EPSS Score
- Aug 7, 2025 EPSS Score
- Aug 17, 2025 EPSS Score
- Aug 27, 2025 EPSS Score
- Sep 6, 2025 EPSS Score
- Sep 16, 2025 EPSS Score
- Sep 25, 2025 EPSS Score
- Oct 5, 2025 EPSS Score
References
- https://cert.ssi.gouv.fr/avis/CERTFR-2025-AVI-1034/ advisory
- https://www.ibm.com/support/pages/node/7252195 advisory
- https://www.ibm.com/support/pages/node/7251899 advisory
- https://www.ibm.com/support/pages/node/7252194 advisory
- https://www.ibm.com/support/pages/node/7252193 advisory
- https://www.ibm.com/support/pages/node/7251468 advisory
- https://www.ibm.com/support/pages/node/7251492 advisory
- https://www.ibm.com/support/pages/node/7251474 advisory
- https://www.ibm.com/support/pages/node/7251466 advisory
- https://cert.ssi.gouv.fr/avis/CERTFR-2025-AVI-0969/ advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36320 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36423 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36364 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36351 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36424 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36412 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36388 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36426 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36411 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36357 advisory
…and 63 more