CVE-2023-50326

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Feb 2, 2024
CWE ID 307

Summary

CVE-2023-50326 is a vulnerability affecting IBM PowerSC versions 1.3, 2.0, and 2.1. It is related to CWE-307, which refers to the improper restriction of excessive authentication attempts. This vulnerability could allow a remote attacker to perform brute force attacks on account credentials. The base severity of this vulnerability is rated as HIGH, with a base score of 7.5 according to NVD@nist.gov. The potential danger it poses to an organization includes a high impact on confidentiality, with no integrity or availability impact identified. No user interaction or privileges are required for exploitation, and the attack vector is through the network. To remediate this vulnerability, organizations using affected IBM PowerSC versions should apply the necessary security patches or updates provided by IBM to address the inadequate account lockout setting and mitigate the risk of brute force attacks on account credentials.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-50326 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options