Weak Password Policy in IBM Transformation Extender Advanced Products
CVE-2023-49883

5.9MEDIUM

Key Information:

Vendor: IBM
Status: Transformation Extender Advanced
Vendor: CVE Published:; 1 October 2025

What is CVE-2023-49883?

IBM Transformation Extender Advanced 10.0.1 has a notable security oversight where it does not enforce strong password requirements by default. This weakness can lead to unauthorized access, as attackers may exploit weak passwords to easily compromise user accounts. Organizations utilizing this product should implement immediate measures to strengthen their password policies and enhance overall security.

Affected Version(s)

Transformation Extender Advanced 10.0.1

References

https://www.ibm.com/support/pages/node/7246885

vendor-advisorypatch

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 1, 2025
Vulnerability Reserved
Dec 1, 2023

JSON