Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 13/12/2023 Updated: 19/12/2023

CVSS v3 Base Score: 4.3 | Impact Score: 1.4 | Exploitability Score: 2.8

VMScore: 0

IBM System Storage Virtualization Engine TS7700 3957-VEC, 3948-VED and 3957-VEC could allow a remote authenticated user to obtain sensitive information, caused by improper filtering of URLs. By submitting a specially crafted HTTP GET request, an attacker could exploit this vulnerability to view application source code, system configuration information, or other sensitive data related to the Management Interface. IBM X-Force ID: 272651.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ibm virtualization_engine_ts7760_3957-vec_firmware
ibm virtualization_engine_ts7770_3957-ved_firmware
ibm virtualization_engine_ts7770_3948-ved_firmware

CWE-200 https://www.ibm.com/support/pages/node/7092383 https://exchange.xforce.ibmcloud.com/vulnerabilities/272651 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-49877

Vulnerability Summary

References

Vulmon Search

About

Products

Connect