CVE-2023-43035 MEDIUM

CVE-2023-43035: IBM Sterling Control Center information disclosure

Vendor Ibm
Product Sterling Control Center
Weakness CWE-525
Published April 10, 2025
Last update August 17, 2025

CVSS base score

4.0/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

IBM Sterling Control Center 6.2.1, 6.3.1, and 6.4.0 allows web pages to be stored locally which can be read by another user on the system.

Key dates

02Disclosure timeline

April 10, 2025 CVE published
August 17, 2025 Record updated