153 matches found
CVE-2023-50936 IBM PowerSC session fixation
IBM PowerSC 1.3, 2.0, and 2.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 275116...
CVE-2023-50936 IBM PowerSC session fixation
IBM PowerSC 1.3, 2.0, and 2.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 275116...
CVE-2023-50327 IBM PowerSC weak security
IBM PowerSC 1.3, 2.0, and 2.1 uses insecure HTTP methods which could allow a remote attacker to perform unauthorized file request modification. IBM X-Force ID: 275109...
CVE-2023-50327
CVE-2023-50327 affects IBM PowerSC 1.3, 2.0, and 2.1. The vulnerability arises from the use of insecure HTTP methods, which could allow a remote attacker to modify unauthorized file requests. Affected components/filesets include powerscStd.uiServer, powerscStd.uiAgent, and powerscMFA.server (rang...
CVE-2023-50327 IBM PowerSC weak security
IBM PowerSC 1.3, 2.0, and 2.1 uses insecure HTTP methods which could allow a remote attacker to perform unauthorized file request modification. IBM X-Force ID: 275109...
CVE-2023-50939
IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 275129...
CVE-2023-50939
IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 275129...
Code injection
IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 275129...
CVE-2023-50937 IBM PowerSC information disclosure
IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 275117...
CVE-2023-50937 IBM PowerSC information disclosure
IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 275117...
CVE-2023-50937
CVE-2023-50937 affects IBM PowerSC versions 1.3, 2.0, and 2.1, where the use of weaker-than-expected cryptographic algorithms could allow an attacker to decrypt highly sensitive information. The issue is described in IBM’s PowerSC advisories and cross-referenced in X-Force (ID 275117). Affected f...
CVE-2023-50933 IBM PowerSC HTML injection
IBM PowerSC 1.3, 2.0, and 2.1 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 275113...
CVE-2023-50933 IBM PowerSC HTML injection
IBM PowerSC 1.3, 2.0, and 2.1 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 275113...
CVE-2023-50933
CVE-2023-50933 – IBM PowerSC HTML injection is linked to IBM PowerSC components (versions 1.3, 2.0, 2.1). The vulnerability is described as a remote HTML injection that could cause malicious HTML to execute in the victim’s browser within the hosting site’s security context. Supported connected do...
CVE-2023-50326
CVE-2023-50326 concerns IBM PowerSC 1.3, 2.0 and 2.1, where an inadequate account lockout setting could allow a remote attacker to brute‑force credentials. The connected sources confirm the affected products/versions and describe the root cause as insufficient lockout controls, enabling credentia...
CVE-2023-50326 IBM PowerSC information Disclosure
IBM PowerSC 1.3, 2.0, and 2.1 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 275107...
CVE-2023-50326 IBM PowerSC information Disclosure
IBM PowerSC 1.3, 2.0, and 2.1 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 275107...
IBM PowerSC 安全漏洞
IBM PowerSC is an International Business Machines IBM security and compliance solution for IBM Power Systems servers. IBM PowerSC suffers from an information disclosure vulnerability vulnerability that stems from not using proper account lockout settings, which can be exploited by an attacker to...
IBM PowerSC 安全漏洞
IBM PowerSC is an International Business Machines IBM security and compliance solution for IBM Power Systems servers. An information disclosure vulnerability exists in IBM PowerSC, which can be exploited by an attacker to view session identifiers passed via URL query strings...
IBM PowerSC 安全漏洞
IBM PowerSC is an International Business Machines IBM security and compliance solution for IBM Power Systems servers. An information disclosure vulnerability exists in IBM PowerSC that stems from MFA not implementing the HSTS security policy mechanism, which can be exploited by an attacker to cau...