Lucene search

[email protected]NVD:CVE-2023-23469

HistoryFeb 01, 2023 - 7:15 p.m.

CVE-2023-23469

2023-02-0119:15:08

[email protected]

web.nvd.nist.gov

ibm icp4a

automation decision services

local storage

security vulnerability

x-force id 244504

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

3.6 Low

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

IBM ICP4A - Automation Decision Services 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 244504.

Affected configurations

NVD

Node

ibmcloud_pak_for_business_automationRange18.0.0–20.0.3

ibmcloud_pak_for_business_automationMatch21.0.1-

ibmcloud_pak_for_business_automationMatch21.0.1interim_fix_001

ibmcloud_pak_for_business_automationMatch21.0.1interim_fix_002

ibmcloud_pak_for_business_automationMatch21.0.1interim_fix_003

ibmcloud_pak_for_business_automationMatch21.0.1interim_fix_004

ibmcloud_pak_for_business_automationMatch21.0.1interim_fix_005

ibmcloud_pak_for_business_automationMatch21.0.1interim_fix_006

ibmcloud_pak_for_business_automationMatch21.0.1interim_fix_007

ibmcloud_pak_for_business_automationMatch21.0.2-

ibmcloud_pak_for_business_automationMatch21.0.2interim_fix_001

ibmcloud_pak_for_business_automationMatch21.0.2interim_fix_0012

ibmcloud_pak_for_business_automationMatch21.0.2interim_fix_002

ibmcloud_pak_for_business_automationMatch21.0.2interim_fix_003

ibmcloud_pak_for_business_automationMatch21.0.2interim_fix_004

ibmcloud_pak_for_business_automationMatch21.0.2interim_fix_005

ibmcloud_pak_for_business_automationMatch21.0.2interim_fix_006

ibmcloud_pak_for_business_automationMatch21.0.2interim_fix_007

ibmcloud_pak_for_business_automationMatch21.0.2interim_fix_008

ibmcloud_pak_for_business_automationMatch21.0.2interim_fix_009

ibmcloud_pak_for_business_automationMatch21.0.3-

ibmcloud_pak_for_business_automationMatch21.0.3interim_fix_001

ibmcloud_pak_for_business_automationMatch21.0.3interim_fix_002

ibmcloud_pak_for_business_automationMatch21.0.3interim_fix_003

ibmcloud_pak_for_business_automationMatch21.0.3interim_fix_004

ibmcloud_pak_for_business_automationMatch21.0.3interim_fix_005

ibmcloud_pak_for_business_automationMatch21.0.3interim_fix_006

ibmcloud_pak_for_business_automationMatch21.0.3interim_fix_007

ibmcloud_pak_for_business_automationMatch21.0.3interim_fix_008

ibmcloud_pak_for_business_automationMatch22.0.2-

References

exchange.xforce.ibmcloud.com/vulnerabilities/244504

www.ibm.com/support/pages/node/6857999

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

3.6 Low

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for NVD:CVE-2023-23469

cvelist1 prion1 cve1