Lucene search

IbmVULNRICHMENT:CVE-2023-27545

HistoryFeb 29, 2024 - 12:45 a.m.

CVE-2023-27545 IBM Watson CloudPak for Data Data Stores information disclosure

2024-02-2900:45:45

CWE-525

ibm

github.com

ibm watson cloudpak

data stores

information disclosure

4.6.0

ibm x-force id

248947

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

5.5

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

IBM Watson CloudPak for Data Data Stores information disclosure 4.6.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 248947.

CNA Affected

[
  {
    "vendor": "IBM",
    "product": "Watson CloudPak for Data Data Stores",
    "versions": [
      {
        "status": "affected",
        "version": "4.6.0"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/248947

www.ibm.com/support/pages/node/6965446

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

5.5

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

Related for VULNRICHMENT:CVE-2023-27545