Ibm: >> Virtualization Engine Ts7770 3957-Ved >> r5.2.1 Security Vulnerabilities
IBM System Storage Virtualization Engine TS7700 3957-VEC, 3948-VED and 3957-VEC could allow a remote authenticated user to obtain sensitive information, caused by improper filtering of URLs. By submitting a specially crafted HTTP GET request, an attacker could exploit this vulnerability to view application source code, system configuration information, or other sensitive data related to the Management Interface. IBM X-Force ID: 272651.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-12-13
IBM System Storage Virtualization Engine TS7700 3957-VEC, 3948-VED and 3957-VEC could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 272652.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-12-13