CVE-2023-43035Use of Web Browser Cache Containing Sensitive Information in IBM Sterling Control Center

CWE-525Use of Web Browser Cache Containing Sensitive Information3 documents3 sources
Severity
3.3LOWNVD
CNA4.0
EPSS
0.1%
top 81.93%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Sterling Control Center
Timeline
PublishedApr 10

Description

IBM Sterling Control Center 6.2.1, 6.3.1, and 6.4.0 allows web pages to be stored locally which can be read by another user on the system.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5ibm/sterling_control_center6.2.1, 6.3.1, 6.4.0+2
NVDibm/sterling_control_center6.2.1, 6.3.1, 6.4.0+2

🔴Vulnerability Details

2
GHSA
GHSA-9mhg-763p-r87w: IBM Sterling Control Center 62025-04-10
CVEList
IBM Sterling Control Center information disclosure2025-04-10
CVE-2023-43035 — IBM vulnerability | cvebase