Information Disclosure Vulnerability in IBM Control Center
CVE-2024-35112

4.3MEDIUM

Key Information:

Vendor
IBM
Status
Control Center
Vendor
CVE Published:
25 January 2025

Summary

An information disclosure vulnerability exists in IBM Control Center versions 6.2.1 and 6.3.1, allowing remote attackers to gain access to sensitive information. This security flaw occurs when detailed technical error messages are generated and displayed in the browser, potentially providing attackers valuable insights that can be exploited for further attacks against the system.

Affected Version(s)

Control Center 6.2.1, 6.3.1

References

https://www.ibm.com/support/pages/node/7174794
vendor-advisory

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.