Lucene search

IbmCVELIST:CVE-2023-43040

HistoryMay 13, 2024 - 2:18 a.m.

CVE-2023-43040 IBM Spectrum Fusion HCI improper access control

2024-05-1302:18:30

CWE-1220

ibm

raw.githubusercontent.com

ibm

spectrum fusion

hci

improper access control

cve-2023-43040

unauthorized actions

rgw

ceph

ibm x-force id

266807

6.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

8.7%

JSON

IBM Spectrum Fusion HCI 2.5.2 through 2.7.2 could allow an attacker to perform unauthorized actions in RGW for Ceph due to improper bucket access. IBM X-Force ID: 266807.