PT-2023-28673 · Ibm · Ibm Sterling Partner Engagement Manager

Francisco Farinha

Publicado

2023-10-23

Atualizado

2023-10-28

CVE-2023-43045

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions IBM Sterling Partner Engagement Manager versions 6.1.2, 6.2.0, and 6.2.2

Description The issue is related to improper authentication, which could allow a remote user to perform unauthorized actions.

Recommendations For versions 6.1.2, 6.2.0, and 6.2.2, update to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Missing Authentication

Authentication Bypass Using an Alternate Path or Channel

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-306CWE-288

Identificadores relacionados

CVE-2023-43045

Produtos afetados

Ibm Sterling Partner Engagement Manager

PT-2023-28673 · Ibm · Ibm Sterling Partner Engagement Manager

CVE-2023-43045

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 9