CVE-2023-47706

CWE-434Unrestricted File Upload3 documents3 sources
Severity
8.8HIGH
EPSS
0.1%
top 78.52%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Security Guardium KEY Lifecycle Manager
Timeline
PublishedDec 20

Description

IBM Security Guardium Key Lifecycle Manager 4.3 could allow an authenticated user to upload files of a dangerous file type. IBM X-Force ID: 271341.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.7 | Impact: 5.9

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-qg4r-fj25-xf35: IBM Security Guardium Key Lifecycle Manager 42023-12-20
CVEList
IBM Security Guardium Key Lifecycle Manager file upload2023-12-20
CVE-2023-47706 (HIGH CVSS 8.8) | IBM Security Guardium Key Lifecycle | cvebase.io