Forgerock Уязвимости

Временная шкала

Тип

Access Management Software	10
Not Defined	8
Programming Language Software	1

Продукт

ForgeRock Access Management	5
Forgerock Access Management	3
ForgeRock Access Managemen	2
ForgeRock OpenIDM	1
ForgeRock Access Management Web Policy Agent	1

Устранение последствий

Official Fix	10
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	9

Эксплуатационная пригодность

High	1
Functional	0
Proof-of-Concept	0
Unproven	0
Not Defined	18

Вектор доступа

Not Defined	0
Physical	0
Local	0
Adjacent	3
Network	16

Аутентификация

Not Defined	0
High	0
Low	7
None	12

Взаимодействие с пользователем

Not Defined	0
Required	5
None	14

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	0
≤5	1
≤6	6
≤7	5
≤8	2
≤9	4
≤10	1

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	0
≤5	2
≤6	6
≤7	5
≤8	1
≤9	4
≤10	1

VulDB

≤1	0
≤2	0
≤3	0
≤4	1
≤5	4
≤6	2
≤7	5
≤8	6
≤9	0
≤10	1

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	5
≤8	2
≤9	1
≤10	3

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	1
≤8	2
≤9	1
≤10	5

Поставщик

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Эксплойт 0-дня

<1k	1
<2k	12
<5k	6
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Эксплойт сегодня

<1k	15
<2k	3
<5k	1
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Объем рынка эксплойтов

🔴 CTI Деятельность

Affected Products (11): AM (1), Access Managemen (2), Access Management (8), Access Management Java Policy Agent (1), Access Management Web Policy Agent (1), IDM (1), Identity Manager (1), Java Remote Connector Server (1), OpenAM (2), OpenICF (1), OpenIDM (2)

Опубликовано	Base	Temp	Уязвимости	Prod	Э�	Rem	EPSS	CTI	CVE
27.03.2024	7.2	7.0	Forgerock Access Management обход каталога	Access Management Software	Not Defined	Official Fix	0.00044	0.04	CVE-2023-0582
14.04.2023	9.8	9.8	ForgeRock Access Management эскалация привилегий	Access Management Software	Not Defined	Not Defined	0.00104	0.00	CVE-2022-3748
30.03.2023	6.0	6.0	ForgeRock OpenIDM LDAP Connector слабое шифрование	Неизвестно	Not Defined	Not Defined	0.00132	0.03	CVE-2023-1656
28.02.2023	8.7	8.7	ForgeRock Access Management Web Policy Agent обход каталога	Access Management Software	Not Defined	Not Defined	0.00121	0.00	CVE-2023-0339
28.02.2023	8.7	8.7	ForgeRock Access Management Java Policy Agent обход каталога	Access Management Software	Not Defined	Not Defined	0.00121	0.00	CVE-2023-0511
27.10.2022	6.6	6.6	ForgeRock Access Managemen LDAP Query эскалация привилегий	Неизвестно	Not Defined	Not Defined	0.00062	0.00	CVE-2022-24670
27.10.2022	6.9	6.9	ForgeRock Access Managemen Deployment эскалация привилегий	Неизвестно	Not Defined	Not Defined	0.00063	0.00	CVE-2022-24669
20.09.2022	8.5	8.4	ForgeRock IDM/Java Remote Connector Server LDAP Connector эскалация привилегий	Programming Language Software	Not Defined	Official Fix	0.00289	0.00	CVE-2022-0143
15.02.2022	8.4	8.3	ForgeRock Access Management эскалация привилегий	Access Management Software	Not Defined	Official Fix	0.00489	0.05	CVE-2021-4201
26.08.2021	5.5	5.3	ForgeRock Access Management SAML2 эскалация привилегий	Access Management Software	Not Defined	Official Fix	0.00221	0.02	CVE-2021-37154

9 больше записей не показано

🔒 Login Required

You need to signup and login to see more of the remaining 9 results.

◂ ПредыдущийОбзорДалее ▸

Interested in the pricing of exploits?

See the underground prices here!