CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-37526 – IBM Watson Query on Cloud Pak for Data information disclosure
https://notcve.org/view.php?id=CVE-2024-37526
27 Jan 2025 — IBM Watson Query on Cloud Pak for Data (IBM Data Virtualization 1.8, 2.0, 2.1, 2.2, and 3.0.0) could allow an authenticated user to obtain sensitive information from objects published using Watson Query due to an improper data protection mechanism. IBM Watson Query on Cloud Pak for Data (IBM Data Virtualization 1.8, 2.0, 2.1, 2.2, and 3.0.0) could allow an authenticated user to obtain sensitive information from objects published using Watson Query due to an improper data protection mechanism. • https://www.ibm.com/support/pages/node/7173774 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 4.9EPSS: 0%CPEs: 4EXPL: 0CVE-2021-38971
https://notcve.org/view.php?id=CVE-2021-38971
14 Mar 2022 — IBM Data Virtualization on Cloud Pak for Data 1.3.0, 1.4.1, 1.5.0, 1.7.1 and 1.7.3 could allow an authorized user to bypass data masking rules and obtain sensitve information. IBM X-Force ID: 212620. IBM Data Virtualization on Cloud Pak for Data versiones 1.3.0, 1.4.1, 1.5.0, 1.7.1 y 1.7.3, podría permitir a un usuario autorizado omitir las reglas de enmascaramiento de datos y obtener información confidencial. IBM X-Force ID: 212620 • https://exchange.xforce.ibmcloud.com/vulnerabilities/212620 •