6.5
CVE-2023-46169
- EPSS 0.06%
- Veröffentlicht 07.03.2024 21:15:06
- Zuletzt bearbeitet 11.03.2025 16:55:36
- Quelle psirt@us.ibm.com
- Teams Watchlist Login
- Unerledigt Login
IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an authenticated user to arbitrarily delete a file. IBM X-Force ID: 269406.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Ds8900f Firmware Version89.22.19.0
Ibm ≫ Ds8900f Firmware Version89.30.68.0
Ibm ≫ Ds8900f Firmware Version89.32.40.0
Ibm ≫ Ds8900f Firmware Version89.33.48.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.06% | 0.198 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
|
| psirt@us.ibm.com | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
|
CWE-41 Improper Resolution of Path Equivalence
The product is vulnerable to file system contents disclosure through path equivalence. Path equivalence involves the use of special characters in file and directory names. The associated manipulations are intended to generate multiple names for the same object.