Total
8 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-27877 | 1 Ibm | 1 Cloud Pak For Data | 2023-12-10 | N/A | 7.5 HIGH |
| IBM Planning Analytics Cartridge for Cloud Pak for Data 4.0 connects to a CouchDB server. An attacker can exploit an insecure password policy to the CouchDB server and collect sensitive information from the database. IBM X-Force ID: 247905. | |||||
| CVE-2023-26026 | 1 Ibm | 1 Cloud Pak For Data | 2023-12-10 | N/A | 7.5 HIGH |
| Planning Analytics Cartridge for Cloud Pak for Data 4.0 exposes sensitive information in logs which could lead an attacker to exploit this vulnerability to conduct further attacks. IBM X-Force ID: 247896. | |||||
| CVE-2023-26023 | 1 Ibm | 1 Cloud Pak For Data | 2023-12-10 | N/A | 7.5 HIGH |
| Planning Analytics Cartridge for Cloud Pak for Data 4.0 exposes sensitive information in logs which could lead an attacker to exploit this vulnerability to conduct further attacks. IBM X-Force ID: 247896. | |||||
| CVE-2023-27540 | 2 Ibm, Redhat | 3 Cloud Pak For Data, Watson Cp4d Data Stores, Openshift | 2023-12-10 | N/A | 7.5 HIGH |
| IBM Watson CP4D Data Stores 4.6.0 does not properly allocate resources without limits or throttling which could allow a remote attacker with information specific to the system to cause a denial of service. IBM X-Force ID: 248924. | |||||
| CVE-2022-36769 | 2 Ibm, Redhat | 2 Cloud Pak For Data, Openshift | 2023-12-10 | N/A | 7.2 HIGH |
| IBM Cloud Pak for Data 4.5 and 4.6 could allow a privileged user to upload malicious files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 232034. | |||||
| CVE-2022-22353 | 2 Cloudera, Ibm | 3 Data Platform, Big Sql, Cloud Pak For Data | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM Big SQL on IBM Cloud Pak for Data 7.1.0, 7.1.1, 7.2.0, and 7.2.3 could allow an authenticated user with appropriate permissions to obtain sensitive information by bypassing data masking rules using a CREATE TABLE SELECT statement. IBM X-Force ID: 220480. | |||||
| CVE-2021-38899 | 1 Ibm | 1 Cloud Pak For Data | 2023-12-10 | 2.1 LOW | 4.4 MEDIUM |
| IBM Cloud Pak for Data 2.5 could allow a local user with special privileges to obtain highly sensitive information. IBM X-Force ID: 209575. | |||||
| CVE-2021-20486 | 3 Ibm, Linux, Redhat | 3 Cloud Pak For Data, Linux Kernel, Enterprise Linux | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM Cloud Pak for Data 3.0 could allow an authenticated user to obtain sensitive information when installed with additional plugins. IBM X-Force ID: 197668. | |||||