CVE-2023-38265 | THREATINT

Description

IBM Cloud Pak System 2.3.3.6, 2.3.3.7, 2.3.4.0, 2.3.4.1, and 2.3.5.0 could disclose folder location information to an unauthenticated attacker that could aid in further attacks against the system.

PUBLISHED Reserved 2023-07-14 | Published 2026-02-17 | Updated 2026-02-17 | Assigner ibm

MEDIUM: 5.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Problem types

CWE-548 Exposure of Information Through Directory Listing

Product status

2.3.3.6 (semver)

affected

2.3.3.7

affected

2.3.4.0

affected

2.3.4.1

affected

2.3.5.0

affected

References

www.ibm.com/support/pages/node/7259955 vendor-advisory patch

cve.org (CVE-2023-38265)

nvd.nist.gov (CVE-2023-38265)

Download JSON