Lucene search
+L
IbmCloud Pak For Data

9 matches found

CVE
CVE
added 2024/02/29 12:45 a.m.102 views

CVE-2023-27545

IBM Watson CloudPak for Data Data Stores contains an information-disclosure vulnerability (CVE-2023-27545). The issue allows stored web pages to be read by another user on the same system due to how Data Stores handles local storage. Affected product/version: Watson CloudPak for Data Data Stores ...

5.5CVSS3.4AI score0.00195EPSS
CVE
CVE
added 2025/02/26 2:4 p.m.81 views

CVE-2025-0719

CVE-2025-0719 affects IBM Cloud Pak for Data (versions 4.0.0–4.8.5 and 5.0.0). The IBM advisory describes a reflected cross-site scripting (XSS) vulnerability on the /error endpoint, where an unauthenticated attacker can inject JavaScript via the error parameter, potentially leading to credential...

6.1CVSS6.1AI score0.00302EPSS
CVE
CVE
added 2023/07/19 1:36 a.m.70 views

CVE-2023-26026

CVE-2023-26026 affects IBM Planning Analytics Cartridge for IBM Cloud Pak for Data 4.0. The vulnerability is an information disclosure via logs, caused by exposing sensitive data through log files. CNVD notes an related encryption issue tied to an insecure CouchDB password policy, enabling data c...

7.5CVSS5.9AI score0.00491EPSS
CVE
CVE
added 2023/07/19 1:31 a.m.65 views

CVE-2023-27877

CVE-2023-27877 affects IBM Planning Analytics Cartridge for IBM Cloud Pak for Data 4.0. The issue arises from an insecure CouchDB password policy over the network, allowing an attacker to disclose sensitive data stored in CouchDB. Documents consistently identify the affected component as the Cart...

7.5CVSS5.8AI score0.00465EPSS
CVE
CVE
added 2023/07/19 1:34 a.m.59 views

CVE-2023-26023

CVE-2023-26023 affects IBM Planning Analytics Cartridge for IBM Cloud Pak for Data v4.0. The vulnerability is an information disclosure via logs, exposing sensitive data that could enable further attacks. Public sources in the provided documents consistently describe log exposure as the issue, bu...

7.5CVSS6.3AI score0.00565EPSS
CVE
CVE
added 2021/09/20 4:45 p.m.58 views

CVE-2021-38899

CVE-2021-38899 affects IBM Cloud Pak for Data 2.5. A local user with special privileges could access highly sensitive information due to an information-disclosure vulnerability in CP4D. Under the CVSSv3.1/3.0 metrics, the issue has a base score of 4.4 (MEDIUM) with LOCAL attack vector, LOW attack...

4.4CVSS4.4AI score0.00273EPSS
CVE
CVE
added 2023/04/26 2:52 a.m.55 views

CVE-2022-36769

Summary: CVE-2022-36769 affects IBM Cloud Pak for Data 4.5 and 4.6. A privileged user can upload malicious files of dangerous types that are automatically processed within the product’s environment, due to insufficient validation of uploaded files. Impact (as stated): Privileged upload capability...

7.2CVSS6.8AI score0.00866EPSS
CVE
CVE
added 2021/05/26 4:20 p.m.45 views

CVE-2021-20486

CVE-2021-20486 affects IBM Cloud Pak for Data 3.0 (CPD 3.0) and can allow an authenticated user to obtain sensitive information when CPD is installed with certain plugins (notably with Watson Knowledge Catalog/Data Virtualization add-ons). The vulnerability path is information disclosure due to m...

6.5CVSS6AI score0.00852EPSS
CVE
CVE
added 2023/07/10 12:22 a.m.38 views

CVE-2023-27540

CVE-2023-27540 affects IBM Watson CP4D Data Stores 4.6.0 and is caused by improper allocation of resources without limits or throttling, enabling a remote attacker with system-specific information to cause a denial of service. IBM’s bulletin assigns a CVSS v3.1 base score of 5.9 (MEDIUM) and cite...

7.5CVSS6.4AI score0.01301EPSS