HIGHCVE-2026-5935Published Modified CNA ibm
CVE-2026-5935: TSSC/IMC is vulnerable to OS Command Injection
IBM Total Storage Service Console (TSSC) / TS4500 IMC 9.2, 9.3, 9.4, 9.5, 9.6 TSSC/IMC could allow an unauthenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input.
Metrics
- CVSS v3.1
- 7.3
- Severity
- HIGH
- Fixed in
- —
- Affected Products
- 1
Affected packages
- IBM / Total Storage Service Console (TSSC) / TS4500 IMC≤ 9.6.0
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:LReferences