Lucene search

[email protected]NVD:CVE-2023-23482

HistoryJun 08, 2023 - 2:15 a.m.

CVE-2023-23482

2023-06-0802:15:09

[email protected]

web.nvd.nist.gov

ibm

sterling partner

engagement manager

9.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

7.1 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.0%

JSON

IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim’s click actions and possibly launch further attacks against the victim. IBM X-Force ID: 245891.

Affected configurations

NVD

Node

linuxlinux_kernelMatch-

AND

ibmsterling_partner_engagement_managerRange6.1.2–6.1.2.8essentials

ibmsterling_partner_engagement_managerRange6.1.2–6.1.2.8standard

ibmsterling_partner_engagement_managerRange6.2.0–6.2.0.6essentials

ibmsterling_partner_engagement_managerRange6.2.0–6.2.0.6standard

ibmsterling_partner_engagement_managerRange6.2.1–6.2.1.3essentials

ibmsterling_partner_engagement_managerRange6.2.1–6.2.1.3standard

References

exchange.xforce.ibmcloud.com/vulnerabilities/245891

www.ibm.com/support/pages/node/7001569

9.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

7.1 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.0%

JSON

Related for NVD:CVE-2023-23482

cve1 prion1 ibm1 cvelist1