Lucene search

IbmVULNRICHMENT:CVE-2023-32329

HistoryFeb 03, 2024 - 1:00 a.m.

CVE-2023-32329 IBM Security Access Manager Container improper file validation

2024-02-0301:00:15

CWE-345

ibm

github.com

ibm

security access manager

container

file validation

CVSS3

6.2

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

AI Score

6.3

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a user to download files from an incorrect repository due to improper file validation. IBM X-Force ID: 254972.

References

exchange.xforce.ibmcloud.com/vulnerabilities/254972

www.ibm.com/support/pages/node/7106586

CVSS3

6.2

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

AI Score

6.3

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

Related for VULNRICHMENT:CVE-2023-32329