Lucene search
IbmCVELIST:CVE-2023-38002HistoryApr 30, 2024 - 2:40 p.m.
CVE-2023-38002 IBM Storage Scale session fixation
2024-04-3014:40:43
CWE-384
ibm
www.cve.org
ibm
storage scale
session fixation
vulnerability
x-force
authenticated user
steal
manipulate
active session
gain access
system
cve-2023-38002
5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
5.3 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
IBM Storage Scale 5.1.0.0 through 5.1.9.2 could allow an authenticated user to steal or manipulate an active session to gain access to the system. IBM X-Force ID: 260208.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Storage Scale",
"vendor": "IBM",
"versions": [
{
"lessThanOrEqual": "5.1.9.2",
"status": "affected",
"version": "5.1.0.0",
"versionType": "semver"
}
]
}
]Related
cve
cve
CVE-2023-38002
2024-04-30 15:15:50
vulnrichment
vulnrichment
CVE-2023-38002 IBM Storage Scale session fixation
2024-04-30 14:40:43
nvd
nvd
CVE-2023-38002
2024-04-30 15:15:50
ibm
ibm
5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
5.3 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Related for CVELIST:CVE-2023-38002