CVE-2023-47147: IBM Secure Proxy file manipulation

Q: What is the severity of CVE-2023-47147?

CVE-2023-47147 is classified as a moderate severity vulnerability.

Q: How do I fix CVE-2023-47147?

To fix CVE-2023-47147, upgrade IBM Sterling Secure Proxy to version 6.0.4 or 6.1.1 and apply the relevant patches.

Q: What products are affected by CVE-2023-47147?

CVE-2023-47147 affects IBM Sterling Secure Proxy versions 6.0.3 and 6.1.0.

Q: Can CVE-2023-47147 lead to unauthorized access?

CVE-2023-47147 can potentially allow attackers to overwrite log messages, which might obscure malicious activities.

Q: What are the potential impacts of CVE-2023-47147?

The main impact of CVE-2023-47147 is the risk of log message manipulation, which can complicate incident response and forensic investigations.

Published Mar 14, 2024

Updated

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow an attacker to overwrite a log message under specific conditions. IBM X-Force ID: 270598.

Other sources

IBM Sterling Secure Proxy could allow an attacker to overwrite a log message under specific conditions.

— IBM

Affected Software

4 affected componentsFixes available

IBM Secure Proxy<=6.0.3

IBM Secure Proxy<=6.1.0

IBM Sterling Secure Proxy=6.0.3

IBM Sterling Secure Proxy=6.1.0

Remediation

Patch Available

https://www.ibm.com/support/pages/node/7142038

Event History

Mar 14, 2024

CVE Published

via IBM·12:00 AM

Mar 15, 2024

CVE Published

via MITRE·03:09 PM

Data Sourced

via MITRE·03:09 PM

DescriptionSeverityWeakness

Data Sourced

via NVD·04:15 PM

DescriptionSeverityWeakness

Parent advisories

This vulnerability appears in the following advisories.

IBM-7142038

Frequently Asked Questions

What is the severity of CVE-2023-47147?

CVE-2023-47147 is classified as a moderate severity vulnerability.

How do I fix CVE-2023-47147?