Cloud Pak For Data Security Vulnerabilities and Issues — Cloud Pak For Data CVE List

cve

CVE-2022-36769

IBM Cloud Pak for Data 4.5 and 4.6 could allow a privileged user to upload malicious files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 232034.

7.2CVSS

6.7AI Score

0.001EPSS

2023-04-26 03:15 AM

36

cve

CVE-2023-26023

Planning Analytics Cartridge for Cloud Pak for Data 4.0 exposes sensitive information in logs which could lead an attacker to exploit this vulnerability to conduct further attacks. IBM X-Force ID: 247896.

7.5CVSS

7.1AI Score

0.001EPSS

2023-07-19 02:15 AM

36

cve

CVE-2023-26026

Planning Analytics Cartridge for Cloud Pak for Data 4.0 exposes sensitive information in logs which could lead an attacker to exploit this vulnerability to conduct further attacks. IBM X-Force ID: 247896.

7.5CVSS

7.1AI Score

0.001EPSS

2023-07-19 02:15 AM

46

cve

CVE-2023-27540

IBM Watson CP4D Data Stores 4.6.0 does not properly allocate resources without limits or throttling which could allow a remote attacker with information specific to the system to cause a denial of service. IBM X-Force ID: 248924.

7.5CVSS

7.3AI Score

0.001EPSS

2023-07-10 04:15 PM

12

cve

CVE-2023-27877

IBM Planning Analytics Cartridge for Cloud Pak for Data 4.0 connects to a CouchDB server. An attacker can exploit an insecure password policy to the CouchDB server and collect sensitive information from the database. IBM X-Force ID: 247905.

7.5CVSS

7.2AI Score

0.001EPSS

2023-07-19 02:15 AM

39

Cloud Pak For Data Security Vulnerabilities - 2023