CVE-2023-27291

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-27291
IBM Watson CP4D Data Stores 4.6.0, 4.6.1, 4.6.2, and 4.6.3 does not encrypt sensitive or critical information before storage or transmission which could allow an attacker to obtain sensitive information. IBM X-Force ID: 248740.

7.5 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/248740 Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/248740 Vendor Advisory
https://www.ibm.com/support/pages/node/6965458 Vendor Advisory
https://www.ibm.com/support/pages/node/6965458 Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:watson_cp4d_data_stores:4.6.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:watson_cp4d_data_stores:4.6.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:watson_cp4d_data_stores:4.6.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:watson_cp4d_data_stores:4.6.1:*:*:*:*:*:*:*
History

23 Dec 2024, 17:58

Type Values Removed Values Added
CPE cpe:2.3:a:ibm:watson_cp4d_data_stores:4.6.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:watson_cp4d_data_stores:4.6.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:watson_cp4d_data_stores:4.6.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:watson_cp4d_data_stores:4.6.0:*:*:*:*:*:*:*
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/248740 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/248740 - Vendor Advisory
References () https://www.ibm.com/support/pages/node/6965458 - () https://www.ibm.com/support/pages/node/6965458 - Vendor Advisory
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 7.5
First Time Ibm
Ibm watson Cp4d Data Stores
CWE CWE-319

19 Sep 2024, 15:15

Type Values Removed Values Added
CWE CWE-311 CWE-319

03 Mar 2024, 16:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-03-03 16:15

Updated : 2024-12-23 17:58

NVD link : CVE-2023-27291

Mitre link : CVE-2023-27291

JSON object : View

Products Affected

ibm

  • watson_cp4d_data_stores
CWE

No CWE.