{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2023-50955","assignerOrgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","state":"PUBLISHED","assignerShortName":"ibm","dateReserved":"2023-12-16T19:35:51.572Z","datePublished":"2024-02-21T14:32:06.614Z","dateUpdated":"2024-08-02T22:23:43.870Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"InfoSphere Information Server","vendor":"IBM","versions":[{"status":"affected","version":"11.7"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"IBM InfoSphere Information Server 11.7 could allow an authenticated privileged user to obtain the absolute path of the web server installation which could aid in further attacks against the system.  IBM X-Force ID:  275777."}],"value":"IBM InfoSphere Information Server 11.7 could allow an authenticated privileged user to obtain the absolute path of the web server installation which could aid in further attacks against the system.  IBM X-Force ID:  275777."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"ADJACENT_NETWORK","availabilityImpact":"NONE","baseScore":2.4,"baseSeverity":"LOW","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"HIGH","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-36","description":"CWE-36 Absolute Path Traversal","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","shortName":"ibm","dateUpdated":"2024-02-21T14:32:06.614Z"},"references":[{"tags":["vendor-advisory"],"url":"https://www.ibm.com/support/pages/node/7116610"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/275777"}],"source":{"discovery":"UNKNOWN"},"title":"IBM InfoSphere Information Server information disclosure","x_generator":{"engine":"Vulnogram 0.1.0-dev"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-07-12T21:10:33.046535Z","id":"CVE-2023-50955","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-07-12T21:10:39.456Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T22:23:43.870Z"},"title":"CVE Program Container","references":[{"tags":["vendor-advisory","x_transferred"],"url":"https://www.ibm.com/support/pages/node/7116610"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/275777","tags":["x_transferred"]}]}]}}