CVE-2023-50937: IBM PowerSC information disclosure
First published: Wed Jan 31 2024(Updated: )
IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 275117.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM PowerSC | =1.3 | |
| IBM PowerSC | =2.0 | |
| IBM PowerSC | =2.1 | |
| IBM PowerSC | <=1.3 | |
| IBM PowerSC | <=2.0 | |
| IBM PowerSC | <=2.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-50937?
The severity of CVE-2023-50937 is rated as high due to the potential exposure of highly sensitive information.
How do I fix CVE-2023-50937?
To fix CVE-2023-50937, update IBM PowerSC to the latest supported version that addresses the cryptographic weaknesses.
What versions of IBM PowerSC are affected by CVE-2023-50937?
IBM PowerSC versions 1.3, 2.0, and 2.1 are affected by CVE-2023-50937.
What types of attacks can exploit CVE-2023-50937?
CVE-2023-50937 can be exploited by an attacker leveraging weaker cryptographic algorithms to decrypt sensitive data.
Is there a workaround for CVE-2023-50937?
Currently, there are no known effective workarounds for CVE-2023-50937 other than applying the recommended updates.
- agent/weakness
- agent/title
- agent/references
- agent/type
- agent/author
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/remedy
- collector/ibm-support
- source/IBM
- agent/severity
- agent/softwarecombine
- agent/first-publish-date
- agent/event
- agent/description
- collector/epss-latest
- source/FIRST
- agent/epss
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/trending
- agent/tags
- agent/source
- vendor/ibm
- canonical/ibm powersc
- version/ibm powersc/1.3
- version/ibm powersc/2.0
- version/ibm powersc/2.1