IBM PowerSC 1.3, 2.0, and 2.1 uses insecure HTTP methods which could allow a remote attacker to perform unauthorized file request modification. IBM X-Force ID: 275109.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NIBM Powersc
APPIbm1.32.02.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Related vulnerabilities
CVE-2023-50326HIGH7.5ten sam produkt
IBM PowerSC 1.3, 2.0, and 2.1 uses an inadequate account lockout setting that could allow a remote attacker to...
CVE-2023-50933MEDIUM6.1ten sam produkt
IBM PowerSC 1.3, 2.0, and 2.1 is vulnerable to HTML injection. A remote attacker could inject malicious HTML c...
CVE-2023-50934MEDIUM5.3ten sam produkt
IBM PowerSC 1.3, 2.0, and 2.1 uses single-factor authentication which can lead to unnecessary risk of compromi...
CVE-2023-50935MEDIUM6.5ten sam produkt
IBM PowerSC 1.3, 2.0, and 2.1 fails to properly restrict access to a URL or resource, which may allow a remote...
CVE-2023-50936MEDIUM6.3ten sam produkt
IBM PowerSC 1.3, 2.0, and 2.1 does not invalidate session after logout which could allow an authenticated user...