IBM Planning Analytics Cartridge for Cloud Pak for Data information disclosure
CVE-2023-26026

5.3MEDIUM

Key Information:

Vendor: IBM
Status: Planning Analytics Cartridge For Cloud Pak For Data
Vendor: CVE Published:; 19 July 2023

Summary

Planning Analytics Cartridge for Cloud Pak for Data 4.0 exposes sensitive information in logs which could lead an attacker to exploit this vulnerability to conduct further attacks. IBM X-Force ID: 247896.

Affected Version(s)

Planning Analytics Cartridge for Cloud Pak for Data 4.0

References

https://www.ibm.com/support/pages/node/6999351

vendor-advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/247896

vdb-entry

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 19, 2023
Vulnerability Reserved
Feb 17, 2023