Description
IBM Content Navigator 3.0.7 and 3.0.8 is vulnerable to improper input validation. A malicious administrator could bypass the user interface and send requests to the IBM Content Navigator server with illegal characters that could be stored in the IBM Content Navigator database. IBM X-Force ID: 183316.
CVSS breakdown
CVSS 3.0
Attack Vector
Network
Scope
Unchanged
Availability
None
Confidentiality
None
Privileges Required
Low
Integrity
Low
Attack Complexity
Low
User Interaction
None
RL
O
E
Unchanged
RC
Changed
Affected products
- ibm / content_navigator3.0.7 – 3.0.7
- ibm / content_navigator3.0.8 – 3.0.8