CVE-2023-50940
Published: 02 February 2024
Summary
CVE-2023-50940 is a medium-severity Permissive Cross-domain Security Policy with Untrusted Domains (CWE-942) vulnerability in Ibm Powersc. Its CVSS base score is 5.3 (Medium).
Operationally, ranked at the 18.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-55671
Vulnerability details
IBM PowerSC 1.3, 2.0, and 2.1 uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privileged actions and retrieve sensitive information as the domain name is not being limited to only trusted domains. IBM X-Force ID:…
more
275130.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.