Lucene search

IbmCVELIST:CVE-2023-50955

HistoryFeb 21, 2024 - 2:32 p.m.

CVE-2023-50955 IBM InfoSphere Information Server information disclosure

2024-02-2114:32:06

CWE-36

ibm

www.cve.org

ibm

infosphere

information server

11.7

information disclosure

cve-2023-50955

x-force id 275777

privileged user

web server installation

CVSS3

2.4

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

AI Score

3.5

Confidence

Low

EPSS

Percentile

9.0%

JSON

IBM InfoSphere Information Server 11.7 could allow an authenticated privileged user to obtain the absolute path of the web server installation which could aid in further attacks against the system. IBM X-Force ID: 275777.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "InfoSphere Information Server",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "11.7"
      }
    ]
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/275777

www.ibm.com/support/pages/node/7116610

CVSS3

2.4

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

AI Score

3.5

Confidence

Low

EPSS

Percentile

9.0%

JSON

Related for CVELIST:CVE-2023-50955