IBM Planning Analytics Cartridge for Cloud Pak for Data information disclosure
CVE-2023-26023

6.5MEDIUM

Key Information:

Vendor
IBM
Status
Sterling Connect:express For Unix
Vendor
CVE Published:
19 July 2023

Summary

Planning Analytics Cartridge for Cloud Pak for Data 4.0 exposes sensitive information in logs which could lead an attacker to exploit this vulnerability to conduct further attacks. IBM X-Force ID: 247896.

Affected Version(s)

Sterling Connect:Express for UNIX 4.0

References

https://www.ibm.com/support/pages/node/6999351
vendor-advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/247896
vdb-entry

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.