Lucene search
K

153 matches found

Vulnrichment
Vulnrichment
added 2024/02/02 1:3 a.m.10 views

CVE-2023-50936 IBM PowerSC session fixation

IBM PowerSC 1.3, 2.0, and 2.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 275116...

6.3CVSS8.2AI score0.00381EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/02/02 1:3 a.m.20 views

CVE-2023-50936 IBM PowerSC session fixation

IBM PowerSC 1.3, 2.0, and 2.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 275116...

6.3CVSS8.3AI score0.00381EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/02/02 1:0 a.m.24 views

CVE-2023-50327 IBM PowerSC weak security

IBM PowerSC 1.3, 2.0, and 2.1 uses insecure HTTP methods which could allow a remote attacker to perform unauthorized file request modification. IBM X-Force ID: 275109...

5.3CVSS5.3AI score0.00492EPSS
Exploits0References2
CVE
CVE
added 2024/02/02 1:0 a.m.48 views

CVE-2023-50327

CVE-2023-50327 affects IBM PowerSC 1.3, 2.0, and 2.1. The vulnerability arises from the use of insecure HTTP methods, which could allow a remote attacker to modify unauthorized file requests. Affected components/filesets include powerscStd.uiServer, powerscStd.uiAgent, and powerscMFA.server (rang...

5.3CVSS5.1AI score0.00492EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/02/02 1:0 a.m.14 views

CVE-2023-50327 IBM PowerSC weak security

IBM PowerSC 1.3, 2.0, and 2.1 uses insecure HTTP methods which could allow a remote attacker to perform unauthorized file request modification. IBM X-Force ID: 275109...

5.3CVSS6.5AI score0.00492EPSS
Exploits0References2
OSV
OSV
added 2024/02/02 12:15 a.m.4 views

CVE-2023-50939

IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 275129...

7.5CVSS5.8AI score0.00337EPSS
Exploits0References2
NVD
NVD
added 2024/02/02 12:15 a.m.22 views

CVE-2023-50939

IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 275129...

7.5CVSS6.4AI score0.00337EPSS
Exploits0References2
Prion
Prion
added 2024/02/02 12:15 a.m.17 views

Code injection

IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 275129...

5CVSS6.5AI score0.00337EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/02/02 12:10 a.m.37 views

CVE-2023-50937 IBM PowerSC information disclosure

IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 275117...

5.9CVSS7.3AI score0.00318EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/02/02 12:10 a.m.11 views

CVE-2023-50937 IBM PowerSC information disclosure

IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 275117...

5.9CVSS7.2AI score0.00318EPSS
Exploits0References2
CVE
CVE
added 2024/02/02 12:10 a.m.36 views

CVE-2023-50937

CVE-2023-50937 affects IBM PowerSC versions 1.3, 2.0, and 2.1, where the use of weaker-than-expected cryptographic algorithms could allow an attacker to decrypt highly sensitive information. The issue is described in IBM’s PowerSC advisories and cross-referenced in X-Force (ID 275117). Affected f...

7.5CVSS7.2AI score0.00318EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/02/02 12:5 a.m.9 views

CVE-2023-50933 IBM PowerSC HTML injection

IBM PowerSC 1.3, 2.0, and 2.1 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 275113...

6.1CVSS6.8AI score0.00409EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/02/02 12:5 a.m.18 views

CVE-2023-50933 IBM PowerSC HTML injection

IBM PowerSC 1.3, 2.0, and 2.1 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 275113...

6.1CVSS6.4AI score0.00409EPSS
Exploits0References2
CVE
CVE
added 2024/02/02 12:5 a.m.47 views

CVE-2023-50933

CVE-2023-50933 – IBM PowerSC HTML injection is linked to IBM PowerSC components (versions 1.3, 2.0, 2.1). The vulnerability is described as a remote HTML injection that could cause malicious HTML to execute in the victim’s browser within the hosting site’s security context. Supported connected do...

6.1CVSS6.3AI score0.00409EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2024/02/02 12:1 a.m.66 views

CVE-2023-50326

CVE-2023-50326 concerns IBM PowerSC 1.3, 2.0 and 2.1, where an inadequate account lockout setting could allow a remote attacker to brute‑force credentials. The connected sources confirm the affected products/versions and describe the root cause as insufficient lockout controls, enabling credentia...

7.5CVSS7.3AI score0.00663EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/02/02 12:1 a.m.9 views

CVE-2023-50326 IBM PowerSC information Disclosure

IBM PowerSC 1.3, 2.0, and 2.1 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 275107...

7.5CVSS6.5AI score0.00663EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/02/02 12:1 a.m.23 views

CVE-2023-50326 IBM PowerSC information Disclosure

IBM PowerSC 1.3, 2.0, and 2.1 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 275107...

7.5CVSS7.3AI score0.00663EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/02/02 12:0 a.m.5 views

IBM PowerSC 安全漏洞

IBM PowerSC is an International Business Machines IBM security and compliance solution for IBM Power Systems servers. IBM PowerSC suffers from an information disclosure vulnerability vulnerability that stems from not using proper account lockout settings, which can be exploited by an attacker to...

7.5CVSS6.2AI score0.00663EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/02 12:0 a.m.5 views

IBM PowerSC 安全漏洞

IBM PowerSC is an International Business Machines IBM security and compliance solution for IBM Power Systems servers. An information disclosure vulnerability exists in IBM PowerSC, which can be exploited by an attacker to view session identifiers passed via URL query strings...

5.3CVSS6AI score0.00532EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/02 12:0 a.m.4 views

IBM PowerSC 安全漏洞

IBM PowerSC is an International Business Machines IBM security and compliance solution for IBM Power Systems servers. An information disclosure vulnerability exists in IBM PowerSC that stems from MFA not implementing the HSTS security policy mechanism, which can be exploited by an attacker to cau...

7.5CVSS6.1AI score0.00318EPSS
Exploits0References3
Rows per page
Query Builder