IBM0F44514628E4F804FBD430D8D1841079B0E80FEFBEE16CC078F600494FE236DFSecurity Bulletin: IBM Watson CloudPak for Data Data Stores is vulnerable to allowing a user with physical access and specific knowledge of the system to modify files or data on the system.(CVE-2023-26282)
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
Percentile
9.0%
Summary
IBM Watson CP4D Data Stores could allow a user with physical access and specific knowledge of the system to modify files or data on the system.
Vulnerability Details
CVEID:CVE-2023-26282
**DESCRIPTION:**IBM Watson CP4D Data Stores could allow a user with physical access and specific knowledge of the system to modify files or data on the system.
CVSS Base score: 4.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/248415 for the current score.
CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| Watson CloudPak for Data Data Stores | 4.6.0 to 4.6.3 |
Remediation/Fixes
None
<https://www.ibm.com/docs/en/cloud-paks/cp-data/4.6.x>
Workarounds and Mitigations
None
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | watson_developer_cloud | 4.6.0 | cpe:2.3:a:ibm:watson_developer_cloud:4.6.0:*:*:*:*:*:*:* |
| ibm | watson_developer_cloud | 4.6.3 | cpe:2.3:a:ibm:watson_developer_cloud:4.6.3:*:*:*:*:*:*:* |
Related
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
Percentile
9.0%