CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
9.0%
An information disclosure vulnerability in IBM InfoSphere Information Server was addressed.
CVEID:CVE-2023-50955
**DESCRIPTION:**IBM InfoSphere Information Server could allow an authenticated privileged user to obtain the absolute path of the web server installation which could aid in further attacks against the system.
CVSS Base score: 2.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/275777 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N)
Affected Product(s) | Version(s) |
---|---|
InfoSphere Information Server | 11.7 |
Product | VRMF | APAR | Remediation |
---|---|---|---|
InfoSphere Information Server, InfoSphere Information Server on Cloud | 11.7 | DT255081 | --Apply IBM InfoSphere Information Server version 11.7.1.0 |
--Apply InfoSphere Information Server version 11.7.1.4 | |||
--Apply InfoSphere Information Server 11.7.1.4 Service pack 2 | |||
--Apply Information Server Framework security patch |
None
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | infosphere_information_server | 11.7 | cpe:2.3:a:ibm:infosphere_information_server:11.7:*:*:*:*:*:*:* |
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
9.0%