Page 2 of 13 results (0.004 seconds)

CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0

CVE-2023-50934 – IBM PowerSC improper authentication

https://notcve.org/view.php?id=CVE-2023-50934

IBM PowerSC 1.3, 2.0, and 2.1 uses single-factor authentication which can lead to unnecessary risk of compromise when compared with the benefits of a dual-factor authentication scheme. IBM X-Force ID: 275114. IBM PowerSC 1.3, 2.0 y 2.1 utiliza autenticación de un solo factor, lo que puede generar riesgos innecesarios de compromiso en comparación con los beneficios de un esquema de autenticación de doble factor. ID de IBM X-Force: 275114. • https://exchange.xforce.ibmcloud.com/vulnerabilities/275114 https://www.ibm.com/support/pages/node/7113759 • CWE-287: Improper Authentication CWE-308: Use of Single-factor Authentication •

CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2023-50940 – IBM PowerSC cross-resource origin sharing

https://notcve.org/view.php?id=CVE-2023-50940

IBM PowerSC 1.3, 2.0, and 2.1 uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privileged actions and retrieve sensitive information as the domain name is not being limited to only trusted domains. IBM X-Force ID: 275130. IBM PowerSC 1.3, 2.0 y 2.1 utiliza el uso compartido de recursos entre orígenes (CORS), lo que podría permitir a un atacante llevar a cabo acciones privilegiadas y recuperar información confidencial, ya que el nombre de dominio no se limita solo a dominios confiables. ID de IBM X-Force: 275130. • https://exchange.xforce.ibmcloud.com/vulnerabilities/275130 https://www.ibm.com/support/pages/node/7113759 • CWE-697: Incorrect Comparison CWE-942: Permissive Cross-domain Policy with Untrusted Domains •

CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2023-50936 – IBM PowerSC session fixation

https://notcve.org/view.php?id=CVE-2023-50936

IBM PowerSC 1.3, 2.0, and 2.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 275116. IBM PowerSC 1.3, 2.0 y 2.1 no invalida la sesión después del cierre de sesión, lo que podría permitir que un usuario autenticado se haga pasar por otro usuario en el sistema. ID de IBM X-Force: 275116. • https://exchange.xforce.ibmcloud.com/vulnerabilities/275116 https://www.ibm.com/support/pages/node/7113759 • CWE-613: Insufficient Session Expiration •

CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0

CVE-2023-50327 – IBM PowerSC weak security

https://notcve.org/view.php?id=CVE-2023-50327

IBM PowerSC 1.3, 2.0, and 2.1 uses insecure HTTP methods which could allow a remote attacker to perform unauthorized file request modification. IBM X-Force ID: 275109. IBM PowerSC 1.3, 2.0 y 2.1 utiliza métodos HTTP inseguros que podrían permitir a un atacante remoto realizar modificaciones de solicitudes de archivos no autorizadas. ID de IBM X-Force: 275109. • https://exchange.xforce.ibmcloud.com/vulnerabilities/275109 https://www.ibm.com/support/pages/node/7113759 • CWE-436: Interpretation Conflict CWE-650: Trusting HTTP Permission Methods on the Server Side •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2023-50937 – IBM PowerSC information disclosure

https://notcve.org/view.php?id=CVE-2023-50937

IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 275117. IBM PowerSC 1.3, 2.0 y 2.1 utiliza algoritmos criptográficos más débiles de lo esperado que podrían permitir a un atacante descifrar información altamente confidencial. ID de IBM X-Force: 275117. • https://exchange.xforce.ibmcloud.com/vulnerabilities/275117 https://www.ibm.com/support/pages/node/7113759 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •