Main Vulnerability Database Vulnerabilities #VU86705

#VU86705 Absolute Path Traversal in IBM InfoSphere Information Server - CVE-2023-50955

Published: February 22, 2024

Vulnerability identifier: #VU86705

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2023-50955

CWE-ID: CWE-36

Exploitation vector: Adjecent network

Exploit availability: No public exploit available

Vulnerable software:
IBM InfoSphere Information Server

Software vendor:
IBM Corporation

Description

The vulnerability allows an adjacent privileged user to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application. An adjacent privileged user can gain unauthorized access to sensitive information on the system.

Remediation

Install updates from vendor's website.

External links

https://www.ibm.com/support/pages/node/7116610
https://exchange.xforce.ibmcloud.com/vulnerabilities/275777