Lucene search

IbmVULNRICHMENT:CVE-2023-28512

HistoryMar 03, 2024 - 3:44 p.m.

CVE-2023-28512 IBM Watson CP4D Data Stores improper input validation

2024-03-0315:44:29

CWE-472

ibm

github.com

ibm watson cp4d

data stores

input validation

vulnerability

ibm x-force id

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

AI Score

6.3

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

IBM Watson CP4D Data Stores 4.6.0, 4.6.1, and 4.6.2 could allow an attacker with specific knowledge about the system to manipulate data due to improper input validation. IBM X-Force ID: 250396.

CNA Affected

[
  {
    "vendor": "IBM",
    "product": "Watson CP4D Data Stores",
    "versions": [
      {
        "status": "affected",
        "version": "4.6.0, 4.6.1, 4.6.2"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/250396

www.ibm.com/support/pages/node/6965456

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

AI Score

6.3

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

Related for VULNRICHMENT:CVE-2023-28512