CVE-2023-47711 — Unrestricted File Upload in IBM Security Guardium

CWE-434 — Unrestricted File Upload3 documents3 sources

Severity

6.5MEDIUMNVD

CNA2.7

EPSS

0.0%

top 89.51%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Security Guardium

Timeline

PublishedMay 14

Description

IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow an authenticated user to upload files that would cause a denial of service. IBM X-Force ID: 271526.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5ibm/security_guardium11.3, 11.4, 11.5, 12.0

▶NVDibm/security_guardium4 versions+3

🔴Vulnerability Details

GHSA

GHSA-3mwv-hr6q-qhg5: IBM Security Guardium 11↗2024-05-14

▶

CVEList

IBM Security Guardium denial of service↗2024-05-11

▶