Lucene search

IbmCVELIST:CVE-2023-40363

HistoryNov 18, 2023 - 5:14 p.m.

CVE-2023-40363 IBM InfoSphere Information Server privilege escalation

2023-11-1817:14:04

ibm

www.cve.org

ibm

infosphere

privilege escalation

incorrect file permission

x-force id

authenticated user

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

7.7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.3%

JSON

IBM InfoSphere Information Server 11.7 could allow an authenticated user to change installation files due to incorrect file permission settings. IBM X-Force ID: 263332.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "InfoSphere Information Server",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "11.7"
      }
    ]
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/263332

www.ibm.com/support/pages/node/7070742

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

7.7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.3%

JSON

Related for CVELIST:CVE-2023-40363