Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
IBM Rational Build Forge 7.1.2 relies on client-side JavaScript code to enforce the EditSecurity permission requirement for the Export Key File function, which allows remote authenticated users to read a key file by removing a disable attribute in the Security sub-menu.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Rational Build Forge密钥文件信息泄露漏洞
Vulnerability Description
IBM Rational Build Forge 是专门用于构建和发布流程管理的软件。 IBM Rational Build Forge 7.1.2版本依赖客户端JavaScript代码强制执行Export Key File功能的EditSecurity许可要求。远程认证用户可通过删除Security子目录中的禁用属性读取密钥文件。
CVSS Information
N/A
Vulnerability Type
N/A