6.5
CVE-2023-46169
- EPSS 0.06%
- Veröffentlicht 07.03.2024 21:15:06
- Zuletzt bearbeitet 11.03.2025 16:55:36
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
LoginIBM DS8900F file manipulation
IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an authenticated user to arbitrarily delete a file. IBM X-Force ID: 269406.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Ds8900f Firmware Version89.22.19.0
Ibm ≫ Ds8900f Firmware Version89.30.68.0
Ibm ≫ Ds8900f Firmware Version89.32.40.0
Ibm ≫ Ds8900f Firmware Version89.33.48.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.06% | 0.193 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
|
| psirt@us.ibm.com | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
|
CWE-41 Improper Resolution of Path Equivalence
The product is vulnerable to file system contents disclosure through path equivalence. Path equivalence involves the use of special characters in file and directory names. The associated manipulations are intended to generate multiple names for the same object.