Log File Vulnerability Could Allow Local User Access to Sensitive Information

CVE-2023-40694

6.2MEDIUM

Key Information

Vendor: IBM
Status: Watson Cp4d Data Stores
Vendor: Published:; 7 May 2024

Summary

IBM Watson CP4D Data Stores 4.0.0 through 4.8.4 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 264838.

Affected Version(s)

Watson CP4D Data Stores <= 4.8.4

CVSS V3.1

Score:

6.2

Severity:

MEDIUM

Confidentiality:

HIGH

Integrity:

NONE

Availability:

NONE

Attack Complexity:

LOW

Privileges Required:

NONE

User Interaction:

NONE

Scope:

UNCHANGED

Timeline

Vulnerability published.
May 7, 2024
Vulnerability Reserved.
Aug 18, 2023

Collectors

NVD DatabaseMitre Database