Vulnerabilities > CVE-2023-24958 - Unspecified vulnerability in IBM products

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

ibm

NVD

Published: 2023-05-04

Updated: 2023-05-10

Summary

A vulnerability in the IBM TS7700 Management Interface 8.51.2.12, 8.52.200.111, 8.52.102.13, and 8.53.0.63 could allow an authenticated user to submit a specially crafted URL leading to privilege escalation and remote code execution. IBM X-Force ID: 246320.

Vulnerable Configurations

Part	Description	Count
OS	Ibm IBM 3957 VEC Firmware 8.51.0 IBM 3957 VEC Firmware 8.52.100.0 IBM 3957 VED Firmware * IBM 3957 VED Firmware 8.52.100.0 IBM 3957 VED Firmware 8.52.200.0 IBM 3957 VED Firmware 8.53.0 IBM 3948 VED Firmware 8.53.0 IBM 3948 VED Firmware 8.53.0.63	8
Hardware	Ibm IBM 3957 VEC - IBM 3957 VED - IBM 3948 VED -	3

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/246320
https://www.ibm.com/support/pages/node/6980845