Lucene search
HistoryJul 10, 2023 - 4:15 p.m.
CVE-2023-27540
ibm
watson
cp4d
data stores
4.6.0
resource allocation
vulnerability
remote attacker
denial of service
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
6.4
Confidence
High
EPSS
0.001
Percentile
35.8%
IBM Watson CP4D Data Stores 4.6.0 does not properly allocate resources without limits or throttling which could allow a remote attacker with information specific to the system to cause a denial of service. IBM X-Force ID: 248924.
Affected configurations
Node
ibmcloud_pak_for_dataMatch4.6.0
ORibmwatson_cp4d_data_storesMatch-
redhatopenshiftMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | cloud_pak_for_data | 4.6.0 | cpe:2.3:a:ibm:cloud_pak_for_data:4.6.0:*:*:*:*:*:*:* |
| ibm | watson_cp4d_data_stores | - | cpe:2.3:a:ibm:watson_cp4d_data_stores:-:*:*:*:*:*:*:* |
| redhat | openshift | - | cpe:2.3:a:redhat:openshift:-:*:*:*:*:*:*:* |
Related
ibm
ibm
cnvd
cnvd
IBM Cloud Pak for Data Denial of Service Vulnerability
2023-07-12 00:00:00
prion
prion
Design/Logic Flaw
2023-07-10 16:15:00
cvelist
cvelist
CVE-2023-27540 IBM Watson CP4D Data Stores denial of service
2023-07-10 00:22:35
cve
cve
CVE-2023-27540
2023-07-10 16:15:49
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
6.4
Confidence
High
EPSS
0.001
Percentile
35.8%
Related for NVD:CVE-2023-27540