CVE-2023-49883
published 2025-10-01CVE-2023-49883: IBM Transformation Extender Advanced 10.0.1 does not require that users should have strong passwords by default, which makes it easier for attackers to…
PriorityP341high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EPSS
0.26%
16.7th percentile
IBM Transformation Extender Advanced 10.0.1
does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | transformation_extender_advanced | — | — |
| linux | linux_kernel | >= 0 < 4.4.0-271.305 | 4.4.0-271.305 |
| linux | linux_kernel | >= 0 < 4.15.0-240.252 | 4.15.0-240.252 |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
osv7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-3q22-68gw-x3mq: IBM Transformation Extender Advanced 10
ghsa_unreviewed·2025-10-01
CVE-2023-49883 [MEDIUM] CWE-521 GHSA-3q22-68gw-x3mq: IBM Transformation Extender Advanced 10
IBM Transformation Extender Advanced 10.0.1
does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.
OSV
linux-oracle vulnerabilities
osv·2025-08-13·CVSS 7.8
CVE-2025-37797 linux-oracle vulnerabilities
linux-oracle vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Device tree and open firmware driver;
- SCSI subsystem;
- TTY drivers;
- Ext4 file system;
- SMB network file system;
- Bluetooth subsystem;
- Network traffic control;
- Sun RPC protocol;
- USB sound devices;
(CVE-2025-37797, CVE-2024-49950, CVE-2024-56748, CVE-2023-52975,
CVE-2024-50073, CVE-2023-52885, CVE-2023-52757, CVE-2024-38541,
CVE-2024-53239, CVE-2024-49883)
OSV
linux-aws-fips, linux-azure-fips, linux-fips, linux-gcp-fips vulnerabilities
osv·2025-08-05·CVSS 7.8
linux-aws-fips, linux-azure-fips, linux-fips, linux-gcp-fips vulnerabilities
linux-aws-fips, linux-azure-fips, linux-fips, linux-gcp-fips vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Device tree and open firmware driver;
- SCSI subsystem;
- TTY drivers;
- Ext4 file system;
- SMB network file system;
- Bluetooth subsystem;
- Network traffic control;
- Sun RPC protocol;
- USB sound devices;
(CVE-2023-52975, CVE-2024-56748, CVE-2023-52885, CVE-2025-37797,
CVE-2024-50073, CVE-2024-49950, CVE-2024-49883, CVE-2024-38541,
CVE-2023-52757, CVE-2024-53239)
OSV
linux-azure vulnerabilities
osv·2025-08-05·CVSS 7.8
CVE-2023-52975 linux-azure vulnerabilities
linux-azure vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Device tree and open firmware driver;
- SCSI subsystem;
- TTY drivers;
- Ext4 file system;
- SMB network file system;
- Bluetooth subsystem;
- Network traffic control;
- Sun RPC protocol;
- USB sound devices;
(CVE-2023-52975, CVE-2024-38541, CVE-2024-50073, CVE-2024-53239,
CVE-2023-52757, CVE-2024-49883, CVE-2025-37797, CVE-2023-52885,
CVE-2024-49950, CVE-2024-56748)
OSV
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm vulnerabilities
osv·2025-08-05·CVSS 7.8
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm vulnerabilities
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Device tree and open firmware driver;
- SCSI subsystem;
- TTY drivers;
- Ext4 file system;
- SMB network file system;
- Bluetooth subsystem;
- Network traffic control;
- Sun RPC protocol;
- USB sound devices;
(CVE-2024-53239, CVE-2023-52975, CVE-2024-38541, CVE-2023-52885,
CVE-2024-49883, CVE-2025-37797, CVE-2023-52757, CVE-2024-56748,
CVE-2024-49950, CVE-2024-50073)
OSV
linux-oracle vulnerabilities
osv·2025-08-05·CVSS 7.8
CVE-2024-38541 linux-oracle vulnerabilities
linux-oracle vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Device tree and open firmware driver;
- SCSI subsystem;
- TTY drivers;
- Ext4 file system;
- SMB network file system;
- Bluetooth subsystem;
- Network traffic control;
- Sun RPC protocol;
- USB sound devices;
(CVE-2024-38541, CVE-2024-49883, CVE-2023-52757, CVE-2024-49950,
CVE-2024-53239, CVE-2023-52885, CVE-2024-56748, CVE-2023-52975,
CVE-2024-50073, CVE-2025-37797)
OSV
linux-fips vulnerabilities
osv·2025-07-31·CVSS 7.8
CVE-2024-53239 linux-fips vulnerabilities
linux-fips vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SCSI subsystem;
- TTY drivers;
- Ext4 file system;
- Bluetooth subsystem;
- USB sound devices;
(CVE-2024-53239, CVE-2024-50073, CVE-2023-52975, CVE-2024-49883,
CVE-2024-49950)
OSV
linux-aws, linux-lts-xenial vulnerabilities
osv·2025-07-31·CVSS 7.8
CVE-2024-49950 linux-aws, linux-lts-xenial vulnerabilities
linux-aws, linux-lts-xenial vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SCSI subsystem;
- TTY drivers;
- Ext4 file system;
- Bluetooth subsystem;
- USB sound devices;
(CVE-2024-49950, CVE-2024-49883, CVE-2024-53239, CVE-2024-50073,
CVE-2023-52975)
OSV
linux, linux-aws, linux-kvm vulnerabilities
osv·2025-07-31·CVSS 7.8
CVE-2023-52975 linux, linux-aws, linux-kvm vulnerabilities
linux, linux-aws, linux-kvm vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SCSI subsystem;
- TTY drivers;
- Ext4 file system;
- Bluetooth subsystem;
- USB sound devices;
(CVE-2023-52975, CVE-2024-53239, CVE-2024-49883, CVE-2024-50073,
CVE-2024-49950)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-10-01
Published