CNNVD-202506-3577 Information
CNNVD ID
CNNVD-202506-3577
Related CVE
- CNNVD Published: 2025-06-27
Description (Chinese)
IBM Cloud Pak System是美国国际商业机器(IBM)公司的一套具有可配置、预集成软件的全栈、融合基础架构。该产品支持跨混合云部署、管理和移动应用程序环境。 IBM Cloud Pak System 2.3.5.0版本、2.3.3.7版本、2.3.3.7 iFix1版本、2.3.3.6版本、2.3.3.6 iFix1版本、2.3.3.6 iFix2版本、2.3.4.0版本和2.3.4.1版本存在安全漏洞,该漏洞源于HTML注入,可能导致远程攻击者在受害者浏览器中执行恶意代码。
Description (English)
IBM Cloud Pak Systems is a fully configured, pre-integrated software, integrated infrastructure for the United States International Business Machine (IBM). The product supports a cross-mixed cloud deployment, management and mobile application environment. IBM Cloud Pak System 2.3.5.0, 2.3.3.3.7, 2.3.3.3.7 iFix1, 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.4.0 and 2.3.4.1 have security gaps, which originate from HTML injections and may result in the remote assailants implementing malicious codes in the victim browser.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
国际商业机器
Published
2025-06-27
Last Modified
2026-02-24
References
https://www.ibm.com/support/pages/node/7237162 https://access.redhat.com/security/cve/cve-2023-38007
Patch
https://www.ibm.com/support/pages/node/7237162
Share on: