CVE-2023-38369

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Feb 7, 2024
Updated: Feb 10, 2024
CWE ID 521

Summary

CVE-2023-38369: IBM Security Access Manager Container versions 10.0.0.0 through 10.0.6.1 fail to enforce strong passwords for Docker images by default. This vulnerability can make it simpler for attackers to compromise user accounts, as documented in IBM X-Force ID: 261196. The absence of this security measure allows unauthorized individuals to gain unauthorized access to the container environment, potentially leading to data breaches or system compromise. IBM users are advised to update their software to a patched version as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share