CVE-2023-27291

EUVD-2023-31069
IBM Watson CP4D Data Stores 4.6.0, 4.6.1, 4.6.2, and 4.6.3 does not encrypt sensitive or critical information before storage or transmission which could allow an attacker to obtain sensitive information.  IBM X-Force ID:  248740.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.5 MEDIUM
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N
ibmCNA
4.5 MEDIUM
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 8%
Affected Products (NVD)
VendorProductVersion
ibmwatson_cp4d_data_stores
4.6.0
ibmwatson_cp4d_data_stores
4.6.1
ibmwatson_cp4d_data_stores
4.6.2
ibmwatson_cp4d_data_stores
4.6.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/248740
https://www.ibm.com/support/pages/node/6965458
https://exchange.xforce.ibmcloud.com/vulnerabilities/248740
https://www.ibm.com/support/pages/node/6965458