CVE-2023-26024

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

I

BM Planning Analytics on Cloud Pak for Data 4.0 could allow an attacker on a shared network to obtain sensitive information caused by insecure network communication. IBM X-Force ID: 247898.

References

Link	Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/247898	VDB Entry Vendor Advisory
https://https://www.ibm.com/support/pages/node/7082784	Broken Link
https://www.ibm.com/support/pages/node/7082784	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/247898	VDB Entry Vendor Advisory
https://https://www.ibm.com/support/pages/node/7082784	Broken Link

Configurations

Configuration 1 (hide)

cpe:2.3:a:ibm:planning_analytics_on_cloud_pak_for_data:4.0:*:*:*:*:*:*:*

History

21 Nov 2024, 07:50

Type	Values Removed	Values Added
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/247898 - VDB Entry, Vendor Advisory~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/247898 - VDB Entry, Vendor Advisory
References	~~() https://https://www.ibm.com/support/pages/node/7082784 - Broken Link~~	() https://https://www.ibm.com/support/pages/node/7082784 - Broken Link

Information

Published : 2023-12-01 19:15

Updated : 2024-11-21 07:50

NVD link : CVE-2023-26024

Mitre link : CVE-2023-26024

CVE.ORG link : CVE-2023-26024

JSON object : View

Products Affected

planning_analytics_on_cloud_pak_for_data

CWE

CWE-327

Use of a Broken or Risky Cryptographic Algorithm

{"id": "CVE-2023-26024", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2023-12-01T19:15:07.640", "references": [{"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/247898", "tags": ["VDB Entry", "Vendor Advisory"], "source": "[email protected]"}, {"url": "https://https://www.ibm.com/support/pages/node/7082784", "tags": ["Broken Link"], "source": "[email protected]"}, {"url": "https://www.ibm.com/support/pages/node/7082784", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/247898", "tags": ["VDB Entry", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://https://www.ibm.com/support/pages/node/7082784", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-327"}]}], "descriptions": [{"lang": "en", "value": "IBM Planning Analytics on Cloud Pak for Data 4.0 could allow an attacker on a shared network to obtain sensitive information caused by insecure network communication. IBM X-Force ID: 247898."}, {"lang": "es", "value": "IBM Planning Analytics on Cloud Pak for Data 4.0 podr\u00eda permitir que un atacante en una red compartida obtenga informaci\u00f3n confidencial causada por una comunicaci\u00f3n de red insegura. ID de IBM X-Force: 247898."}], "lastModified": "2024-11-21T07:50:37.043", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:planning_analytics_on_cloud_pak_for_data:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "926BDD37-F861-4701-AFAD-E351C2F29F97"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}