Vulnerabilities > IBM > Cloud PAK FOR Data
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-07-19 | CVE-2023-26023 | Information Exposure Through Log Files vulnerability in IBM Cloud PAK for Data 4.0 Planning Analytics Cartridge for Cloud Pak for Data 4.0 exposes sensitive information in logs which could lead an attacker to exploit this vulnerability to conduct further attacks. | 7.5 |
2023-07-19 | CVE-2023-26026 | Information Exposure Through Log Files vulnerability in IBM Cloud PAK for Data 4.0 Planning Analytics Cartridge for Cloud Pak for Data 4.0 exposes sensitive information in logs which could lead an attacker to exploit this vulnerability to conduct further attacks. | 7.5 |
2023-07-19 | CVE-2023-27877 | Improper Authentication vulnerability in IBM Cloud PAK for Data 4.0 IBM Planning Analytics Cartridge for Cloud Pak for Data 4.0 connects to a CouchDB server. | 7.5 |
2023-07-10 | CVE-2023-27540 | Allocation of Resources Without Limits or Throttling vulnerability in IBM Cloud PAK for Data and Watson Cp4D Data Stores IBM Watson CP4D Data Stores 4.6.0 does not properly allocate resources without limits or throttling which could allow a remote attacker with information specific to the system to cause a denial of service. | 7.5 |
2023-04-26 | CVE-2022-36769 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Cloud PAK for Data 4.5/4.6 IBM Cloud Pak for Data 4.5 and 4.6 could allow a privileged user to upload malicious files of dangerous types that can be automatically processed within the product's environment. | 7.2 |
2021-09-20 | CVE-2021-38899 | Unspecified vulnerability in IBM Cloud PAK for Data 2.5 IBM Cloud Pak for Data 2.5 could allow a local user with special privileges to obtain highly sensitive information. | 4.4 |
2021-05-26 | CVE-2021-20486 | Unspecified vulnerability in IBM Cloud PAK for Data 3.0 IBM Cloud Pak for Data 3.0 could allow an authenticated user to obtain sensitive information when installed with additional plugins. | 6.5 |