Vulnerability Description
A vulnerability in the IBM TS7700 Management Interface 8.51.2.12, 8.52.200.111, 8.52.102.13, and 8.53.0.63 could allow an authenticated user to submit a specially crafted URL leading to privilege escalation and remote code execution. IBM X-Force ID: 246320.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| IBM | 3957-VEC Firmware | >= 8.51.0, < 8.51.2.12 |
| IBM | 3957-VEC | - |
| IBM | 3957-VED Firmware | >= 8.51.0, < 8.51.2.12 |
| IBM | 3957-VED | - |
| IBM | 3948-VED Firmware | >= 8.53.0, <= 8.53.0.63 |
| IBM | 3948-VED | - |
Related Weaknesses (CWE)
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/246320 (VDB Entry, Vendor Advisory)
- https://www.ibm.com/support/pages/node/6980845 (Vendor Advisory)
FAQ
What is CVE-2023-24958?
CVE-2023-24958 is a vulnerability with a CVSS score of 8.8 (HIGH). A vulnerability in the IBM TS7700 Management Interface 8.51.2.12, 8.52.200.111, 8.52.102.13, and 8.53.0.63 could allow an authenticated user to submit a specially crafted URL leading to privilege esca...
How severe is CVE-2023-24958?
CVE-2023-24958 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-24958?
Check the references section above for vendor advisories and patch information. Affected products include: IBM 3957-VEC Firmware, IBM 3957-VEC, IBM 3957-VED Firmware, IBM 3957-VED, IBM 3948-VED Firmware.