CVE-2023-35018

Severity

7.2HIGH

EPSS

0.1%

top 78.90%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedOct 16

Description

IBM Security Verify Governance 10.0 could allow a privileged use to upload arbitrary files due to improper file validation. IBM X-Force ID: 259382.

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:NExploitability: 0.7 | Impact: 2.5

GHSA

GHSA-hrjc-cqfh-wxgv: IBM Security Verify Governance 10↗2023-10-16

▶

CVEList

IBM Security Verify Governance file upload↗2023-10-15

▶