Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-43052

IBM Control Center 6.2.1 through 6.3.1 is vulnerable to an external service interaction attack, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to induce the application to perform server-side DNS lookups or HTTP requests to arbitrary domain names. By submitting suitable payloads, an attacker can cause the application server to attack other systems that it can interact with.

Published

2025-03-07T17:15:18.060

Last Modified

2025-06-19T00:11:36.133

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 5.3 (MEDIUM)

Weaknesses

Type: Primary
CWE-435
Type: Secondary
CWE-435

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ibm	control_center	6.2.1.0	Yes
Application	ibm	control_center	6.3.1.0	Yes

References

https://www.ibm.com/support/pages/node/7185102 Vendor Advisory ([email protected])