Lucene search
K

153 matches found

CNVD
CNVD
added 2024/02/05 12:0 a.m.13 views

Unspecified Vulnerability in IBM PowerSC

IBM PowerSC is an International Business Machines IBM security and compliance solution for IBM Power Systems servers. A security vulnerability exists in IBM PowerSC versions 1.3, 2.0 and 2.1, which can be exploited by an attacker to perform privileged operations and retrieve sensitive information...

9.8CVSS6.7AI score0.00456EPSS
Exploits0References1
CNVD
CNVD
added 2024/02/04 12:0 a.m.20 views

IBM PowerSC Encryption Issue Vulnerability

IBM PowerSC is an International Business Machines IBM security and compliance solution for IBM Power Systems servers. IBM PowerSC suffers from an encryption issue vulnerability that stems from the use of a weaker-than-expected encryption algorithm, which could be exploited by an attacker to decry...

7.5CVSS6.5AI score0.00337EPSS
Exploits0References1
NVD
NVD
added 2024/02/02 2:15 a.m.11 views

CVE-2023-50962

IBM PowerSC 1.3, 2.0, and 2.1 MFA does not implement the "HTTP Strict Transport Security" HSTS web security policy mechanism. IBM X-Force ID: 276004...

7.5CVSS6.5AI score0.00318EPSS
Exploits0References2
OSV
OSV
added 2024/02/02 2:15 a.m.4 views

CVE-2023-50962

IBM PowerSC 1.3, 2.0, and 2.1 MFA does not implement the "HTTP Strict Transport Security" HSTS web security policy mechanism. IBM X-Force ID: 276004...

7.5CVSS5.8AI score0.00318EPSS
Exploits0References2
OSV
OSV
added 2024/02/02 2:15 a.m.3 views

CVE-2023-50935

IBM PowerSC 1.3, 2.0, and 2.1 fails to properly restrict access to a URL or resource, which may allow a remote attacker to obtain unauthorized access to application functionality and/or resources. IBM X-Force ID: 275115...

6.5CVSS5.8AI score0.00407EPSS
Exploits0References2
NVD
NVD
added 2024/02/02 2:15 a.m.16 views

CVE-2023-50938

IBM PowerSC 1.3, 2.0, and 2.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the...

6.5CVSS6.6AI score0.00401EPSS
Exploits0References2
OSV
OSV
added 2024/02/02 2:15 a.m.5 views

CVE-2023-50941

IBM PowerSC 1.3, 2.0, and 2.1 does not provide logout functionality, which could allow an authenticated user to gain access to an unauthorized user using session fixation. IBM X-Force ID: 275131...

5.4CVSS5.8AI score0.00285EPSS
Exploits0References2
OSV
OSV
added 2024/02/02 2:15 a.m.6 views

CVE-2023-50938

IBM PowerSC 1.3, 2.0, and 2.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the...

4.3CVSS5.8AI score0.00401EPSS
Exploits0References2
NVD
NVD
added 2024/02/02 2:15 a.m.18 views

CVE-2023-50941

IBM PowerSC 1.3, 2.0, and 2.1 does not provide logout functionality, which could allow an authenticated user to gain access to an unauthorized user using session fixation. IBM X-Force ID: 275131...

6.3CVSS6.6AI score0.00285EPSS
Exploits0References2
NVD
NVD
added 2024/02/02 2:15 a.m.22 views

CVE-2023-50935

IBM PowerSC 1.3, 2.0, and 2.1 fails to properly restrict access to a URL or resource, which may allow a remote attacker to obtain unauthorized access to application functionality and/or resources. IBM X-Force ID: 275115...

6.5CVSS6.5AI score0.00407EPSS
Exploits0References2
OSV
OSV
added 2024/02/02 2:15 a.m.4 views

CVE-2023-50328

IBM PowerSC 1.3, 2.0, and 2.1 may allow a remote attacker to view session identifiers passed via URL query strings. IBM X-Force ID: 275110...

5.3CVSS5.8AI score0.00532EPSS
Exploits0References2
NVD
NVD
added 2024/02/02 2:15 a.m.28 views

CVE-2023-50934

IBM PowerSC 1.3, 2.0, and 2.1 uses single-factor authentication which can lead to unnecessary risk of compromise when compared with the benefits of a dual-factor authentication scheme. IBM X-Force ID: 275114...

5.3CVSS5.6AI score0.0044EPSS
Exploits0References2
OSV
OSV
added 2024/02/02 2:15 a.m.5 views

CVE-2023-50934

IBM PowerSC 1.3, 2.0, and 2.1 uses single-factor authentication which can lead to unnecessary risk of compromise when compared with the benefits of a dual-factor authentication scheme. IBM X-Force ID: 275114...

5.3CVSS5.8AI score0.0044EPSS
Exploits0References2
NVD
NVD
added 2024/02/02 2:15 a.m.11 views

CVE-2023-50328

IBM PowerSC 1.3, 2.0, and 2.1 may allow a remote attacker to view session identifiers passed via URL query strings. IBM X-Force ID: 275110...

5.3CVSS4.9AI score0.00532EPSS
Exploits0References2
Prion
Prion
added 2024/02/02 2:15 a.m.19 views

Code injection

IBM PowerSC 1.3, 2.0, and 2.1 may allow a remote attacker to view session identifiers passed via URL query strings. IBM X-Force ID: 275110...

5CVSS6.7AI score0.00532EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2024/02/02 2:15 a.m.18 views

Session fixation

IBM PowerSC 1.3, 2.0, and 2.1 does not provide logout functionality, which could allow an authenticated user to gain access to an unauthorized user using session fixation. IBM X-Force ID: 275131...

5.5CVSS6.7AI score0.00285EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2024/02/02 2:15 a.m.16 views

Code injection

IBM PowerSC 1.3, 2.0, and 2.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the...

4.3CVSS6.7AI score0.00401EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2024/02/02 2:15 a.m.16 views

Code injection

IBM PowerSC 1.3, 2.0, and 2.1 fails to properly restrict access to a URL or resource, which may allow a remote attacker to obtain unauthorized access to application functionality and/or resources. IBM X-Force ID: 275115...

6.4CVSS6.7AI score0.00407EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2024/02/02 2:15 a.m.11 views

Authentication flaw

IBM PowerSC 1.3, 2.0, and 2.1 uses single-factor authentication which can lead to unnecessary risk of compromise when compared with the benefits of a dual-factor authentication scheme. IBM X-Force ID: 275114...

5CVSS6.8AI score0.0044EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2024/02/02 2:15 a.m.13 views

Design/Logic Flaw

IBM PowerSC 1.3, 2.0, and 2.1 MFA does not implement the "HTTP Strict Transport Security" HSTS web security policy mechanism. IBM X-Force ID: 276004...

5CVSS6.7AI score0.00318EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder