{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-02T03:44:45.386","vulnerabilities":[{"cve":{"id":"CVE-2023-49877","sourceIdentifier":"psirt@us.ibm.com","published":"2023-12-13T21:15:08.040","lastModified":"2024-11-21T08:33:58.493","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"IBM System Storage Virtualization Engine TS7700 3957-VEC, 3948-VED and 3957-VEC could allow a remote authenticated user to obtain sensitive information, caused by improper filtering of URLs. By submitting a specially crafted HTTP GET request, an attacker could exploit this vulnerability to view application source code, system configuration information, or other sensitive data related to the Management Interface.   IBM X-Force ID:  272651."},{"lang":"es","value":"IBM System Storage Virtualization Engine TS7700 3957-VEC, 3948-VED y 3957-VEC podría permitir que un usuario autenticado remotamente obtenga información confidencial, causada por un filtrado inadecuado de las URL. Al enviar una solicitud HTTP GET especialmente manipulada, un atacante podría aprovechar esta vulnerabilidad para ver el código fuente de la aplicación, información de configuración del sistema u otros datos confidenciales relacionados con la interfaz de administración. ID de IBM X-Force: 272651."}],"metrics":{"cvssMetricV31":[{"source":"psirt@us.ibm.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}]},"weaknesses":[{"source":"psirt@us.ibm.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ibm:virtualization_engine_ts7760_3957-vec_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"8.52.103.23","matchCriteriaId":"E6AE6909-E2BD-4E40-ACCF-42539FC45520"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ibm:virtualization_engine_ts7760_3957-vec:r5.2.1:*:*:*:*:*:*:*","matchCriteriaId":"F1F27A40-DCF1-49D5-8550-C9135A7775C2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ibm:virtualization_engine_ts7760_3957-vec_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"8.53.1.21","matchCriteriaId":"7D6C62B2-B179-40AE-8D3E-0C1C44B129C7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ibm:virtualization_engine_ts7760_3957-vec:r5.3:*:*:*:*:*:*:*","matchCriteriaId":"75A467BF-72F2-428C-AD92-DAD31C5D1E6B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ibm:virtualization_engine_ts7770_3957-ved_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"8.52.103.23","matchCriteriaId":"6CA58C54-0E7F-40F6-9204-8961A58BCECA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ibm:virtualization_engine_ts7770_3957-ved:r5.2.1:*:*:*:*:*:*:*","matchCriteriaId":"3F009408-2553-4A3D-808A-E390295A66E0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ibm:virtualization_engine_ts7770_3957-ved_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"8.53.1.21","matchCriteriaId":"E04A6F2B-1762-48FD-A794-9E01D1D9E3C3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ibm:virtualization_engine_ts7770_3957-ved:r5.3:*:*:*:*:*:*:*","matchCriteriaId":"29DAE222-4508-4BCA-B17D-2CEBF1A34B4A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ibm:virtualization_engine_ts7770_3948-ved_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"8.53.1.21","matchCriteriaId":"0DA59D69-2B5C-4728-AF12-6C7D59A9CD38"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ibm:virtualization_engine_ts7770_3948-ved:r5.3:*:*:*:*:*:*:*","matchCriteriaId":"FCDA91D5-7A2D-4047-B3FB-21EF8274C2AA"}]}]}],"references":[{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/272651","source":"psirt@us.ibm.com","tags":["VDB Entry","Vendor Advisory"]},{"url":"https://www.ibm.com/support/pages/node/7092383","source":"psirt@us.ibm.com","tags":["Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/272651","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["VDB Entry","Vendor Advisory"]},{"url":"https://www.ibm.com/support/pages/node/7092383","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}