CVE-2023-27291

IBM Watson CP4D Data Stores 4.6.0, 4.6.1, 4.6.2, and 4.6.3 does not encrypt sensitive or critical information before storage or transmission which could allow an attacker to obtain sensitive information.  IBM X-Force ID:  248740.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.5 MEDIUM
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N
ibmCNA
4.5 MEDIUM
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N
CISA-ADPADP
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 4%
VendorProductVersion
ibmwatson_cp4d_data_stores
4.6.0
ibmwatson_cp4d_data_stores
4.6.1
ibmwatson_cp4d_data_stores
4.6.2
ibmwatson_cp4d_data_stores
4.6.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/248740
https://www.ibm.com/support/pages/node/6965458
https://exchange.xforce.ibmcloud.com/vulnerabilities/248740
https://www.ibm.com/support/pages/node/6965458