CVE-2023-50955

LOW

IBM Infosphere Information Server - Path Traversal

Title source: rule

Description

IBM InfoSphere Information Server 11.7 could allow an authenticated privileged user to obtain the absolute path of the web server installation which could aid in further attacks against the system. IBM X-Force ID: 275777.

References (2)

[VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/275777

[Vendor Advisory] https://www.ibm.com/support/pages/node/7116610

Scores

CVSS v3 2.4

EPSS 0.0024

EPSS Percentile 47.7%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-22 CWE-36

Status published

Products (1)

ibm/infosphere_information_server 11.7

Published Feb 21, 2024

Tracked Since Feb 18, 2026