Lucene search
China National Vulnerability DatabaseCNVD-2023-41897HistoryMay 04, 2023 - 12:00 a.m.
IBM Cloud Pak for Data Arbitrary File Upload Vulnerability
2023-05-0400:00:00
China National Vulnerability Database
www.cnvd.org.cn
4
ibm cloud pak
data structure
data and ai platform
arbitrary file upload
security vulnerability
EPSS
0.001
Percentile
30.3%
IBM Cloud Pak for Data is a data and AI platform with data structure from International Business Machines (IBM). All data can be made available for AI and analytics on any cloud. An arbitrary file upload vulnerability exists in IBM Cloud Pak for Data version 4.5, 4.6. The vulnerability stems from the applicationβs lack of effective validation of uploaded files. An attacker can exploit this vulnerability to upload malicious files to remotely execute arbitrary code.
Related
prion
prion
Code injection
2023-04-26 03:15:00
cve
cve
CVE-2022-36769
2023-04-26 03:15:08
ibm
ibm
cvelist
cvelist
CVE-2022-36769 IBM Cloud Pak for Data file upload
2023-04-26 02:52:02
nvd
nvd
CVE-2022-36769
2023-04-26 03:15:08