Forgerock Vulnerabilità

Sequenza temporale

Genere

Prodotto

ForgeRock Access Management5
Forgerock Access Management3
ForgeRock Access Managemen2
ForgeRock OpenIDM1
ForgeRock Access Management Web Policy Agent1

Contromisure

Official Fix10
Temporary Fix0
Workaround0
Unavailable0
Not Defined9

Sfruttabilità

High0
Functional0
Proof-of-Concept0
Unproven0
Not Defined19

Accesso al vettore

Not Defined0
Physical0
Local0
Adjacent3
Network16

Autenticazione

Not Defined0
High0
Low7
None12

Interazione dell'utente

Not Defined0
Required5
None14

C3BM Index

CVSSv3 Base

≤10
≤20
≤30
≤40
≤51
≤66
≤75
≤82
≤94
≤101

CVSSv3 Temp

≤10
≤20
≤30
≤40
≤52
≤66
≤75
≤81
≤94
≤101

VulDB

≤10
≤20
≤30
≤41
≤54
≤62
≤75
≤86
≤90
≤101

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤75
≤82
≤91
≤103

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤71
≤82
≤91
≤105

Fornitore

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploiter 0 giorni

<1k1
<2k11
<5k7
<10k0
<25k0
<50k0
<100k0
≥100k0

Exploiter aujourd'hui

<1k16
<2k3
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

Sfrutta il volume del mercato

🔴 CTI Attività

Affected Products (11): AM (1), Access Managemen (2), Access Management (8), Access Management Java Policy Agent (1), Access Management Web Policy Agent (1), IDM (1), Identity Manager (1), Java Remote Connector Server (1), OpenAM (2), OpenICF (1), OpenIDM (2)

Data di pubblicazioneBaseTempVulnerabilitàProdSfrConCTIEPSSCVE
27/03/20247.27.0Forgerock Access Management directory traversalAccess Management SoftwareNot DefinedOfficial Fix0.200.00043CVE-2023-0582
14/04/20239.89.8ForgeRock Access Management escalazione di privilegiAccess Management SoftwareNot DefinedNot Defined0.020.00066CVE-2022-3748
30/03/20236.06.0ForgeRock OpenIDM LDAP Connector crittografia deboleSconosciutoNot DefinedNot Defined0.030.00094CVE-2023-1656
28/02/20238.78.7ForgeRock Access Management Web Policy Agent directory traversalAccess Management SoftwareNot DefinedNot Defined0.000.00107CVE-2023-0339
28/02/20238.78.7ForgeRock Access Management Java Policy Agent directory traversalAccess Management SoftwareNot DefinedNot Defined0.000.00107CVE-2023-0511
27/10/20226.66.6ForgeRock Access Managemen LDAP Query escalazione di privilegiSconosciutoNot DefinedNot Defined0.000.00064CVE-2022-24670
27/10/20226.96.9ForgeRock Access Managemen Deployment escalazione di privilegiSconosciutoNot DefinedNot Defined0.000.00057CVE-2022-24669
20/09/20228.58.4ForgeRock IDM/Java Remote Connector Server LDAP Connector escalazione di privilegiProgramming Language SoftwareNot DefinedOfficial Fix0.040.00280CVE-2022-0143
15/02/20228.48.3ForgeRock Access Management escalazione di privilegiAccess Management SoftwareNot DefinedOfficial Fix0.000.00489CVE-2021-4201
26/08/20215.55.3ForgeRock Access Management SAML2 escalazione di privilegiAccess Management SoftwareNot DefinedOfficial Fix0.020.00221CVE-2021-37154

9 non vengono visualizzate più voci

Do you need the next level of professionalism?

Upgrade your account now!