Lucene search

IbmCVELIST:CVE-2023-26282

HistoryMar 05, 2024 - 7:31 p.m.

CVE-2023-26282 IBM Watson CP4D Data Stores file modificiation

2024-03-0519:31:33

CWE-73

ibm

www.cve.org

ibm watson

cp4d

data stores

file modification

vulnerability

ibm x-force id

CVSS3

4.2

Attack Vector

PHYSICAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

AI Score

4.3

Confidence

High

EPSS

Percentile

9.0%

JSON

IBM Watson CP4D Data Stores 4.6.0 through 4.6.3 could allow a user with physical access and specific knowledge of the system to modify files or data on the system. IBM X-Force ID: 248415.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Watson CP4D Data Stores",
    "vendor": "IBM",
    "versions": [
      {
        "lessThanOrEqual": "4.6.3",
        "status": "affected",
        "version": "4.6.0",
        "versionType": "semver"
      }
    ]
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/248415

https://www.ibm.com/support/pages/node/6965452

CVSS3

4.2

Attack Vector

PHYSICAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

AI Score

4.3

Confidence

High

EPSS

Percentile

9.0%

JSON

Related for CVELIST:CVE-2023-26282