MEDIUM🇵🇱 Wersja polska

CVE-2023-50327

CVSS 5.3v3.1pub. 2024-02-02upd. 2024-11-21

IBM PowerSC 1.3, 2.0, and 2.1 uses insecure HTTP methods which could allow a remote attacker to perform unauthorized file request modification. IBM X-Force ID: 275109.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
  • IBM Powersc

    APP
    Ibm
    1.32.02.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2023-50326HIGH7.5ten sam produkt

IBM PowerSC 1.3, 2.0, and 2.1 uses an inadequate account lockout setting that could allow a remote attacker to...

CVE-2023-50933MEDIUM6.1ten sam produkt

IBM PowerSC 1.3, 2.0, and 2.1 is vulnerable to HTML injection. A remote attacker could inject malicious HTML c...

CVE-2023-50934MEDIUM5.3ten sam produkt

IBM PowerSC 1.3, 2.0, and 2.1 uses single-factor authentication which can lead to unnecessary risk of compromi...

CVE-2023-50935MEDIUM6.5ten sam produkt

IBM PowerSC 1.3, 2.0, and 2.1 fails to properly restrict access to a URL or resource, which may allow a remote...

CVE-2023-50936MEDIUM6.3ten sam produkt

IBM PowerSC 1.3, 2.0, and 2.1 does not invalidate session after logout which could allow an authenticated user...