CVE-2023-47148 — Vulnetix

Try Vulnetix Request Demo

CVE-2023-47148 PUBLISHED CVSS 5.300000190734863 MEDIUM

IBM Storage Protect Plus Server 10.1.0 through 10.1.15.2 Admin Console could allow a remote attacker to obtain sensitive information due to improper validation of unsecured endpoints which could be used in further attacks against the system. IBM X-Force ID: 270599.

EPSS 0.06% · 17.5th percentile

Risk Scores

CVSS v3.1

5.300000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

EPSS Score

0.06%

17.5th percentile

Affected Products

Vendor	Product	Versions
IBM	Storage Protect Plus Server	10.1.0
ibm	spectrum_protect_plus	10.1.0
ibm	storage_protect_plus	10.1.0

Timeline

Feb 2, 2024 CVE Published
Feb 8, 2024 EPSS Score
Mar 6, 2024 EPSS Score
Apr 1, 2024 EPSS Score
Apr 28, 2024 EPSS Score
May 25, 2024 EPSS Score
Jun 21, 2024 EPSS Score
Jul 17, 2024 EPSS Score
Aug 2, 2024 CVE Updated
Aug 13, 2024 EPSS Score
Sep 9, 2024 EPSS Score
Oct 6, 2024 EPSS Score

References

https://www.ibm.com/support/pages/node/7096482 vendor-advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/270599 vdb
https://www.ibm.com/support/pages/node/7111679 advisory
https://nvd.nist.gov/vuln/detail/CVE-2023-47148 advisory

Open in Interactive Console →