CVE-2023-38369

high

Description

IBM Security Access Manager Container 10.0.0.0 through 10.0.6.1 does not require that docker images should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 261196.

References

https://www.ibm.com/support/pages/node/7106586

https://exchange.xforce.ibmcloud.com/vulnerabilities/261196

Details

Source: Mitre, NVD

Published: 2024-02-07

Updated: 2024-02-10

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:N

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N