Severity by source
AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Lifecycle Timeline
3DescriptionCVE.org
IBM Transformation Extender Advanced 10.0.1
could allow a local user to perform unauthorized actions due to improper access controls.
Analysis
IBM Transformation Extender Advanced 10.0.1
could allow a local user to perform unauthorized actions due to improper access controls.
Technical ContextAI
This vulnerability is classified as Improper Access Control (CWE-284).
RemediationAI
Monitor vendor advisories for patches. Apply mitigations such as network segmentation, access restrictions, and monitoring.
IBM Transformation Extender Advanced 10.0.1 does not invalidate session after logout which could allow an authenticate
CVE-2023-49883 is a security vulnerability (CVSS 5.9). Remediation should follow standard vulnerability management proce
IBM Standards Processing Engine (IBM Transformation Extender Advanced 9.0 and 10.0) does not set the secure attribute on
Same weakness CWE-284 – Improper Access Control
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2023-55105