CVE-2023-38013

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Jan 25, 2025

CWE ID 201

Summary

CVE-2023-38013 is a vulnerability affecting IBM Cloud Pak System versions 2.3.3.0 to 2.3.3.7, including iFix1 and iFix2. This issue allows an attacker to disclose sensitive information in HTTP responses, potentially aiding in further attacks against the system. IBM has released patches to address this vulnerability, and system administrators are urged to apply them promptly to mitigate the risk. The disclosed information could include internal system details, which, if exploited, could lead to unauthorized access or data breaches. The impact of this vulnerability is significant as it exposes potentially sensitive information, increasing the risk of subsequent attacks on the affected systems.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Vendors

IBM Corporation

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

DRAT V2: Updated DRAT Emerges in TAG-140’s Arsenal

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

Know What Matters

For Customers

For Partners