First published: Sun Jan 26 2025(Updated: )
IBM Common Licensing 9.0 could allow an authenticated user to modify a configuration file that they should not have access to due to a broken authorization mechanism.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Rational Common Licensing | ||
All of | ||
IBM Rational Common Licensing | =9.0.0 | |
Any of | ||
IBM AIX | ||
Linux Kernel | ||
Microsoft Windows Operating System |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-50946 is classified as a medium severity vulnerability.
To fix CVE-2023-50946, ensure that proper authorization mechanisms are enforced for user access to configuration files.
CVE-2023-50946 affects users of IBM Common Licensing 9.0 who are able to authenticate in the system.
CVE-2023-50946 is a broken authorization vulnerability that allows unauthorized modifications to configuration files.
CVE-2023-50946 requires authentication, meaning it cannot be exploited remotely without valid user credentials.