CVE-2023-40363: IBM InfoSphere Information Server privilege escalation
First published: Thu Nov 16 2023(Updated: )
IBM InfoSphere Information Server 11.7 could allow an authenticated user to change installation files due to incorrect file permission settings. IBM X-Force ID: 263332.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ibm Infosphere Information Server | <=11.7 | |
| All of | ||
| Ibm Infosphere Information Server | =11.7 | |
| Any of | ||
| IBM AIX | ||
| Linux Linux kernel | ||
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-40363?
The severity of CVE-2023-40363 is high with a severity value of 8.1.
How can an authenticated user exploit CVE-2023-40363?
An authenticated user can exploit CVE-2023-40363 by changing installation files due to incorrect file permission settings.
How can I fix CVE-2023-40363?
To fix CVE-2023-40363, apply the patch provided by IBM, which can be found at the following URL: [https://www.ibm.com/support/pages/node/6574447](https://www.ibm.com/support/pages/node/6574447)
Where can I find more information about CVE-2023-40363?
You can find more information about CVE-2023-40363 at the following references: [https://www.ibm.com/support/pages/node/7070742](https://www.ibm.com/support/pages/node/7070742) and [https://exchange.xforce.ibmcloud.com/vulnerabilities/263332](https://exchange.xforce.ibmcloud.com/vulnerabilities/263332)
- collector/mitre-cve
- collector/ibm-support
- collector/nvd-api
- vendor/ibm
- canonical/ibm infosphere information server
- version/ibm infosphere information server/11.7
- canonical/ibm aix
- vendor/linux
- canonical/linux linux kernel
- vendor/microsoft
- canonical/microsoft windows