Vulnerability Description
IBM Spectrum Protect Client and IBM Storage Protect for Virtual Environments 8.1.0.0 through 8.1.19.0 could allow a local user to execute arbitrary code on the system using a specially crafted file, caused by a DLL hijacking flaw. IBM X-Force ID: 259246.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Storage Protect | >= 8.1.0.0, <= 8.1.19.0 |
| Ibm | Storage Protect Client | >= 8.1.0.0, <= 8.1.19.0 |
Related Weaknesses (CWE)
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/259246VDB EntryVendor Advisory
- https://www.ibm.com/support/pages/node/7037299PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/259246VDB EntryVendor Advisory
- https://www.ibm.com/support/pages/node/7037299PatchVendor Advisory
FAQ
What is CVE-2023-35897?
CVE-2023-35897 is a vulnerability with a CVSS score of 8.4 (HIGH). IBM Spectrum Protect Client and IBM Storage Protect for Virtual Environments 8.1.0.0 through 8.1.19.0 could allow a local user to execute arbitrary code on the system using a specially crafted file, c...
How severe is CVE-2023-35897?
CVE-2023-35897 has been rated HIGH with a CVSS base score of 8.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-35897?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Storage Protect, Ibm Storage Protect Client.