CVE-2023-50946

Name of the Vulnerable Software and Affected Versions IBM Common Licensing version 9.0

Description The issue is related to incorrect authorization in the software, which could allow a remote attacker to gain access to confidential information. Specifically, it is due to a broken authorization mechanism that permits an authenticated user to modify a configuration file they should not have access to.

Recommendations For IBM Common Licensing version 9.0, consider restricting access to configuration files to prevent unauthorized modifications until a patch is available. As a temporary workaround, limit the privileges of authenticated users to minimize the risk of exploitation.