CVE-2023-43021: IBM InfoSphere Information Server information disclosure
First published: Tue Nov 28 2023(Updated: )
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 266167.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ibm Infosphere Information Server | <=11.7 | |
| All of | ||
| Any of | ||
| Ibm Infosphere Information Server | >=11.7.0.0<11.7.1.0 | |
| Ibm Infosphere Information Server | >=11.7.0.0<11.7.1.4 | |
| Any of | ||
| IBM AIX | ||
| Linux Linux kernel | ||
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-43021?
The severity of CVE-2023-43021 is medium with a CVSS severity score of 5.3.
How can a remote attacker exploit CVE-2023-43021?
A remote attacker can exploit CVE-2023-43021 by obtaining sensitive information when a detailed technical error message is returned in the browser.
What is the affected software for CVE-2023-43021?
The affected software for CVE-2023-43021 is IBM InfoSphere Information Server version 11.7.
How can I fix CVE-2023-43021?
To fix CVE-2023-43021, apply the patch provided by IBM InfoSphere Information Server.
Where can I find more information about CVE-2023-43021?
More information about CVE-2023-43021 can be found on the IBM support page and IBM X-Force ID page.
- collector/mitre-cve
- collector/ibm-support
- collector/nvd-api
- vendor/ibm
- canonical/ibm infosphere information server
- version/ibm infosphere information server/11.7
- version/ibm infosphere information server/11.7.0.0
- canonical/ibm aix
- vendor/linux
- canonical/linux linux kernel
- vendor/microsoft
- canonical/microsoft windows