CVE-2023-23473: CSRF
First published: Wed May 17 2023(Updated: )
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 245400.
Credit: psirt@us.ibm.com psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ibm Infosphere Information Server | >=11.7.0.0<11.7.1.0 | |
| Ibm Infosphere Information Server | >=11.7.0.0<11.7.1.4 | |
| Ibm Infosphere Information Server | <=11.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this issue?
The vulnerability ID is CVE-2023-23473.
What is the severity of CVE-2023-23473?
The severity of CVE-2023-23473 is high with a score of 8.8.
What is the affected software?
IBM InfoSphere Information Server versions between 11.7.0.0 and 11.7.1.0, and versions between 11.7.0.0 and 11.7.1.4 on cloud are affected.
How does this vulnerability affect the website?
This vulnerability allows an attacker to execute malicious actions on the website by tricking a trusted user into performing unauthorized actions.
How can I fix CVE-2023-23473?
You can fix CVE-2023-23473 by applying the patch provided by IBM. Please refer to this URL for more information: [Patch URL](https://www.ibm.com/support/pages/node/878310).
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- collector/ibm-support
- collector/nvd-api
- collector/nvd-index
- vendor/ibm
- canonical/ibm infosphere information server
- version/ibm infosphere information server/11.7
- version/ibm infosphere information server/11.7.0.0