CVE-2024-35111

CWE-2093 documents3 sources
Severity
4.3MEDIUM
EPSS
0.1%
top 75.43%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Control Center
Timeline
PublishedJan 25

Description

IBM Control Center 6.2.1 and 6.3.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5ibm/control_center6.2.1, 6.3.1
NVDibm/control_center6.2.1.0, 6.3.1.0+1

🔴Vulnerability Details

2
GHSA
GHSA-4wp5-fm78-39wq: IBM Control Center 62025-01-25
CVEList
IBM Control Center information disclosure2025-01-25
CVE-2024-35111 (MEDIUM CVSS 4.3) | IBM Control Center 6.2.1 and 6.3.1 | cvebase.io