CVE-2023-47709

  1. Yack CVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-47709

9.1 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 2.3 / Impact : 6.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

I

BM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 271524.

References
Link Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/271524 Vendor Advisory
https://www.ibm.com/support/pages/node/7150840 Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/271524 Vendor Advisory
https://www.ibm.com/support/pages/node/7150840 Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:security_guardium:11.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_guardium:11.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_guardium:11.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_guardium:12.0:*:*:*:*:*:*:*
History

14 Jan 2025, 21:03

Type Values Removed Values Added
First Time Ibm
Ibm security Guardium
CPE cpe:2.3:a:ibm:security_guardium:12.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_guardium:11.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_guardium:11.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_guardium:11.3:*:*:*:*:*:*:*
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/271524 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/271524 - Vendor Advisory
References () https://www.ibm.com/support/pages/node/7150840 - () https://www.ibm.com/support/pages/node/7150840 - Vendor Advisory

21 Nov 2024, 08:30

Type Values Removed Values Added
Summary
  • (es) IBM Security Guardium 11.3, 11.4, 11.5 y 12.0 podría permitir que un atacante remoto autenticado ejecute comandos arbitrarios en el sistema enviando una solicitud especialmente manipulada. ID de IBM X-Force: 271524.
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/271524 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/271524 -
References () https://www.ibm.com/support/pages/node/7150840 - () https://www.ibm.com/support/pages/node/7150840 -

14 May 2024, 13:56

Type Values Removed Values Added
New CVE
Information

Published : 2024-05-14 13:56

Updated : 2025-01-14 21:03

NVD link : CVE-2023-47709

Mitre link : CVE-2023-47709

CVE.ORG link : CVE-2023-47709

JSON object : View

Products Affected

ibm

CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')