Product:

Cloud_pak_for_data

(Ibm)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 7
Date Id Summary Products Score Patch Annotated
2021-05-26 CVE-2021-20486 IBM Cloud Pak for Data 3.0 could allow an authenticated user to obtain sensitive information when installed with additional plugins. IBM X-Force ID: 197668. Cloud_pak_for_data 6.5
2021-09-20 CVE-2021-38899 IBM Cloud Pak for Data 2.5 could allow a local user with special privileges to obtain highly sensitive information. IBM X-Force ID: 209575. Cloud_pak_for_data 4.4
2023-04-26 CVE-2022-36769 IBM Cloud Pak for Data 4.5 and 4.6 could allow a privileged user to upload malicious files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 232034. Cloud_pak_for_data 7.2
2023-07-10 CVE-2023-27540 IBM Watson CP4D Data Stores 4.6.0 does not properly allocate resources without limits or throttling which could allow a remote attacker with information specific to the system to cause a denial of service. IBM X-Force ID: 248924. Cloud_pak_for_data, Watson_cp4d_data_stores 7.5
2023-07-19 CVE-2023-26023 Planning Analytics Cartridge for Cloud Pak for Data 4.0 exposes sensitive information in logs which could lead an attacker to exploit this vulnerability to conduct further attacks. IBM X-Force ID: 247896. Cloud_pak_for_data 7.5
2023-07-19 CVE-2023-26026 Planning Analytics Cartridge for Cloud Pak for Data 4.0 exposes sensitive information in logs which could lead an attacker to exploit this vulnerability to conduct further attacks. IBM X-Force ID: 247896. Cloud_pak_for_data 7.5
2023-07-19 CVE-2023-27877 IBM Planning Analytics Cartridge for Cloud Pak for Data 4.0 connects to a CouchDB server. An attacker can exploit an insecure password policy to the CouchDB server and collect sensitive information from the database. IBM X-Force ID: 247905. Cloud_pak_for_data 7.5