Vulnerabilities (CVE)

Filtered by vendor Ibm Subscribe
Filtered by product Cloud Pak For Data
Total 9 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-27877 1 Ibm 1 Cloud Pak For Data 2024-11-21 N/A 5.3 MEDIUM
IBM Planning Analytics Cartridge for Cloud Pak for Data 4.0 connects to a CouchDB server. An attacker can exploit an insecure password policy to the CouchDB server and collect sensitive information from the database. IBM X-Force ID: 247905.
CVE-2023-27540 2 Ibm, Redhat 3 Cloud Pak For Data, Watson Cp4d Data Stores, Openshift 2024-11-21 N/A 5.9 MEDIUM
IBM Watson CP4D Data Stores 4.6.0 does not properly allocate resources without limits or throttling which could allow a remote attacker with information specific to the system to cause a denial of service. IBM X-Force ID: 248924.
CVE-2023-26026 1 Ibm 1 Cloud Pak For Data 2024-11-21 N/A 5.3 MEDIUM
Planning Analytics Cartridge for Cloud Pak for Data 4.0 exposes sensitive information in logs which could lead an attacker to exploit this vulnerability to conduct further attacks. IBM X-Force ID: 247896.
CVE-2023-26023 1 Ibm 1 Cloud Pak For Data 2024-11-21 N/A 6.5 MEDIUM
Planning Analytics Cartridge for Cloud Pak for Data 4.0 exposes sensitive information in logs which could lead an attacker to exploit this vulnerability to conduct further attacks. IBM X-Force ID: 247896.
CVE-2022-38714 1 Ibm 2 Cloud Pak For Data, Datastage 2024-11-21 N/A 4.9 MEDIUM
IBM DataStage on Cloud Pak for Data 4.0.6 to 4.5.2 stores sensitive credential information that can be read by a privileged user. IBM X-Force ID: 235060.
CVE-2022-36769 2 Ibm, Redhat 2 Cloud Pak For Data, Openshift 2024-11-21 N/A 7.2 HIGH
IBM Cloud Pak for Data 4.5 and 4.6 could allow a privileged user to upload malicious files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 232034.
CVE-2022-22353 2 Cloudera, Ibm 3 Data Platform, Big Sql, Cloud Pak For Data 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
IBM Big SQL on IBM Cloud Pak for Data 7.1.0, 7.1.1, 7.2.0, and 7.2.3 could allow an authenticated user with appropriate permissions to obtain sensitive information by bypassing data masking rules using a CREATE TABLE SELECT statement. IBM X-Force ID: 220480.
CVE-2021-38899 1 Ibm 1 Cloud Pak For Data 2024-11-21 2.1 LOW 4.4 MEDIUM
IBM Cloud Pak for Data 2.5 could allow a local user with special privileges to obtain highly sensitive information. IBM X-Force ID: 209575.
CVE-2021-20486 3 Ibm, Linux, Redhat 3 Cloud Pak For Data, Linux Kernel, Enterprise Linux 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
IBM Cloud Pak for Data 3.0 could allow an authenticated user to obtain sensitive information when installed with additional plugins. IBM X-Force ID: 197668.