Severity by source
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
3DescriptionCVE.org
IBM Transformation Extender Advanced 10.0.1
does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.
AnalysisAI
CVE-2023-49883 is a security vulnerability (CVSS 5.9). Remediation should follow standard vulnerability management procedures.
Technical ContextAI
Vulnerability type not specified by vendor.
RemediationAI
Monitor vendor channels for patch availability.
IBM Transformation Extender Advanced 10.0.1 does not invalidate session after logout which could allow an authenticate
IBM Transformation Extender Advanced 10.0.1 could allow a local user to perform unauthorized actions due to improper
IBM Standards Processing Engine (IBM Transformation Extender Advanced 9.0 and 10.0) does not set the secure attribute on
Same weakness CWE-521 – Weak Password Requirements
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2023-53783