Lucene search

[email protected]NVD:CVE-2023-22878

HistoryMay 19, 2023 - 4:15 p.m.

CVE-2023-22878

2023-05-1916:15:10

CWE-312

[email protected]

web.nvd.nist.gov

ibm

infosphere

plain text

user credentials

local user

vulnerability

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

5.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

IBM InfoSphere Information Server 11.7 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 244373.

Affected configurations

NVD

Node

ibminfosphere_information_serverMatch11.7

AND

ibmaixMatch-

linuxlinux_kernelMatch-

microsoftwindowsMatch-

References

exchange.xforce.ibmcloud.com/vulnerabilities/244373

https://www.ibm.com/support/pages/node/6988155

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

5.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2023-22878

cve1 cnvd1 cvelist1 prion1 ibm1