CVE-2023-26280

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Nov 25, 2024
CWE ID 266

Summary

CVE-2023-26280 is a vulnerability affecting IBM Jazz Foundation 7.0.2 and 7.0.3. This issue permits users to modify their dashboards through a maliciously crafted HTTP request, bypassing the intended access control measures. Successful exploitation could lead to unauthorized dashboard customization, potentially disrupting workflows or granting unintended data access. IBM strongly recommends users upgrade to a patched version to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • IBM Jazz Foundation

Affected Vendors

  • IBM Corporation