
CVE-2023-27540 – IBM Watson CP4D Data Stores denial of service
https://notcve.org/view.php?id=CVE-2023-27540
10 Jul 2023 — IBM Watson CP4D Data Stores 4.6.0 does not properly allocate resources without limits or throttling which could allow a remote attacker with information specific to the system to cause a denial of service. IBM X-Force ID: 248924. • https://exchange.xforce.ibmcloud.com/vulnerabilities/248924 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVE-2023-28953 – IBM Cognos Analytics on Cloud Pak for Data improper access control
https://notcve.org/view.php?id=CVE-2023-28953
10 Jul 2023 — IBM Cognos Analytics on Cloud Pak for Data 4.0 could allow an attacker to make system calls that might compromise the security of the containers due to misconfigured security context. IBM X-Force ID: 251465. • https://exchange.xforce.ibmcloud.com/vulnerabilities/251465 •

CVE-2023-30444 – IBM Watson Machine Learning on Cloud Pak for Data server-side request forgery
https://notcve.org/view.php?id=CVE-2023-30444
27 Apr 2023 — IBM Watson Machine Learning on Cloud Pak for Data 4.0 and 4.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 253350. • https://www.ibm.com/support/pages/node/6985859 • CWE-918: Server-Side Request Forgery (SSRF) •

CVE-2022-36769 – IBM Cloud Pak for Data file upload
https://notcve.org/view.php?id=CVE-2022-36769
26 Apr 2023 — IBM Cloud Pak for Data 4.5 and 4.6 could allow a privileged user to upload malicious files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 232034. • https://exchange.xforce.ibmcloud.com/vulnerabilities/232034 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVE-2022-41731 – IBM Watson Knowledge Catalog on Cloud Pak SQL injection
https://notcve.org/view.php?id=CVE-2022-41731
06 Feb 2023 — IBM Watson Knowledge Catalog on Cloud Pak for Data 4.5.0 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 237402. • https://exchange.xforce.ibmcloud.com/vulnerabilities/237402 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVE-2022-41297 – IBM Db2U cross-site request forgery
https://notcve.org/view.php?id=CVE-2022-41297
01 Dec 2022 — IBM Db2U 3.5, 4.0, and 4.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 237212. • https://exchange.xforce.ibmcloud.com/vulnerabilities/237212 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVE-2022-22353
https://notcve.org/view.php?id=CVE-2022-22353
14 Mar 2022 — IBM Big SQL on IBM Cloud Pak for Data 7.1.0, 7.1.1, 7.2.0, and 7.2.3 could allow an authenticated user with appropriate permissions to obtain sensitive information by bypassing data masking rules using a CREATE TABLE SELECT statement. IBM X-Force ID: 220480. • https://exchange.xforce.ibmcloud.com/vulnerabilities/220480 •

CVE-2021-38971
https://notcve.org/view.php?id=CVE-2021-38971
14 Mar 2022 — IBM Data Virtualization on Cloud Pak for Data 1.3.0, 1.4.1, 1.5.0, 1.7.1 and 1.7.3 could allow an authorized user to bypass data masking rules and obtain sensitive information. IBM X-Force ID: 212620. • https://exchange.xforce.ibmcloud.com/vulnerabilities/212620 •

CVE-2021-38899
https://notcve.org/view.php?id=CVE-2021-38899
20 Sep 2021 — IBM Cloud Pak for Data 2.5 could allow a local user with special privileges to obtain highly sensitive information. IBM X-Force ID: 209575. • https://exchange.xforce.ibmcloud.com/vulnerabilities/209575 •

CVE-2021-20486
https://notcve.org/view.php?id=CVE-2021-20486
26 May 2021 — IBM Cloud Pak for Data 3.0 could allow an authenticated user to obtain sensitive information when installed with additional plugins. IBM X-Force ID: 197668. • https://exchange.xforce.ibmcloud.com/vulnerabilities/197668 •