CVE-2023-35018

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Oct 16, 2023

Updated: Oct 19, 2023

CWE ID 434

Summary

CVE-2023-35018 is a vulnerability affecting IBM Security Verify Governance version 10.0. This issue permits privileged users to upload unvalidated files, potentially leading to arbitrary code execution. IBM X-Force has assigned ID 259382 to this vulnerability. The lack of proper validation in the upload process creates a significant risk, allowing attackers to exploit this weakness and gain unauthorized access to the system. It is recommended that users of IBM Security Verify Governance update to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

IBM Corporation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/roncBZ
https://www.cve.org/CVERecord?id=CVE-2023-35018
https://nvd.nist.gov/vuln/detail/CVE-2023-35018

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners

CVE-2023-35018

CVSS 3.1 Score 7.2 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations