CVE-2023-47142

2024-02-0214:15:54

CWE-264

[email protected]

web.nvd.nist.gov

ibm

tivoli

application

dependency

discovery

manager

cve-2023-47142

security

vulnerability

escalation

api access

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.5

Confidence

High

EPSS

Percentile

14.2%

JSON

IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 could allow an attacker on the organization’s local network to escalate their privileges due to unauthorized API access. IBM X-Force ID: 270267.

Affected configurations

Vulners

NVD

Node

ibmtivoli_application_dependency_discovery_managerRange7.3.0.0–7.3.0.10

VendorProductVersionCPE
ibmtivoli_application_dependency_discovery_manager*cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	tivoli_application_dependency_discovery_manager	*	cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager::::::::

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Tivoli Application Dependency Discovery Manager",
    "vendor": "IBM",
    "versions": [
      {
        "lessThanOrEqual": "7.3.0.10",
        "status": "affected",
        "version": "7.3.0.0",
        "versionType": "semver"
      }
    ]
  }
]