CVE-2023-40368

Description

IBM Storage Protect 8.1.0.0 through 8.1.19.0 could allow a privileged user to obtain sensitive information from the administrative command line client. IBM X-Force ID: 263456.

CVSS breakdown

CVSS 3.1

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Affected products

ibm / storage_protect_client8.1.0.0 – 8.1.19.0
ibm / Storage Protect for Space Management8.1.0.0 – 8.1.19.0
ibm / Storage Protect for Virtual Environments8.1.0.0 – 8.1.19.0

References

MISChttps://www.ibm.com/support/pages/node/7034288
MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/263456