Description

IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could disclose sensitive information to a local user to do improper permission controls. IBM X-Force ID: 261195.

Remediation

References

CVE-2023-38368

Related Vulnerabilities

XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2022-23616)

Collabtive Improper Privilege Management Vulnerability (CVE-2013-5027)

WordPress Plugin RegistrationMagic-Custom Registration Forms, User Registration, Payment, and User Login PHP Object Injection (3.7.9.2)

WordPress Plugin LearnDash LMS SQL Injection (3.1.5)

Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4937)

Severity

Medium

Classification

CVE-2023-38368 CWE-863 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities