IBM DS8900F HMC Vulnerability: Arbitrary File Reading
CVE-2023-46170
6.5MEDIUM
Summary
A vulnerability in the IBM DS8900F products enables an authenticated user to gain unauthorized access to sensitive files by exploiting the ability to enumerate file names. This potential security risk could allow attackers to read confidential data, thus compromising system integrity and information confidentiality. System administrators are urged to review affected versions and implement necessary security measures to mitigate any threats posed by this vulnerability.
Affected Version(s)
DS8900F 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, 89.33.48.0
References
CVSS V3.1
Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved