CVE-2023-23469

IBM ICP4A - Automation Decision Services 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 244504.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
ibmCNA
4 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 6%
VendorProductVersion
ibmcloud_pak_for_business_automation
18.0.0 ≤
𝑥
≤ 20.0.3
ibmcloud_pak_for_business_automation
21.0.1
ibmcloud_pak_for_business_automation
21.0.1:interim_fix_001
ibmcloud_pak_for_business_automation
21.0.1:interim_fix_002
ibmcloud_pak_for_business_automation
21.0.1:interim_fix_003
ibmcloud_pak_for_business_automation
21.0.1:interim_fix_004
ibmcloud_pak_for_business_automation
21.0.1:interim_fix_005
ibmcloud_pak_for_business_automation
21.0.1:interim_fix_006
ibmcloud_pak_for_business_automation
21.0.1:interim_fix_007
ibmcloud_pak_for_business_automation
21.0.2
ibmcloud_pak_for_business_automation
21.0.2:interim_fix_001
ibmcloud_pak_for_business_automation
21.0.2:interim_fix_0012
ibmcloud_pak_for_business_automation
21.0.2:interim_fix_002
ibmcloud_pak_for_business_automation
21.0.2:interim_fix_003
ibmcloud_pak_for_business_automation
21.0.2:interim_fix_004
ibmcloud_pak_for_business_automation
21.0.2:interim_fix_005
ibmcloud_pak_for_business_automation
21.0.2:interim_fix_006
ibmcloud_pak_for_business_automation
21.0.2:interim_fix_007
ibmcloud_pak_for_business_automation
21.0.2:interim_fix_008
ibmcloud_pak_for_business_automation
21.0.2:interim_fix_009
ibmcloud_pak_for_business_automation
21.0.3
ibmcloud_pak_for_business_automation
21.0.3:interim_fix_001
ibmcloud_pak_for_business_automation
21.0.3:interim_fix_002
ibmcloud_pak_for_business_automation
21.0.3:interim_fix_003
ibmcloud_pak_for_business_automation
21.0.3:interim_fix_004
ibmcloud_pak_for_business_automation
21.0.3:interim_fix_005
ibmcloud_pak_for_business_automation
21.0.3:interim_fix_006
ibmcloud_pak_for_business_automation
21.0.3:interim_fix_007
ibmcloud_pak_for_business_automation
21.0.3:interim_fix_008
ibmcloud_pak_for_business_automation
22.0.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/244504
https://www.ibm.com/support/pages/node/6857999
https://exchange.xforce.ibmcloud.com/vulnerabilities/244504
https://www.ibm.com/support/pages/node/6857999