CVE-2023-28953

EUVD-2023-32571
IBM Cognos Analytics on Cloud Pak for Data 4.0 could allow an attacker to make system calls that might compromise the security of the containers due to misconfigured security context.  IBM X-Force ID:  251465.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.1 LOW
NETWORK
HIGH
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
ibmCNA
3.1 LOW
NETWORK
HIGH
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 15%
Affected Products (NVD)
VendorProductVersion
ibmcognos_analytics_cartridge_for_ibm_cloud_pak_for_data
4.0 ≤
𝑥
< 4.7
𝑥
= Vulnerable software versions
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/251465
https://security.netapp.com/advisory/ntap-20230814-0001/
https://www.ibm.com/support/pages/node/7006413
https://exchange.xforce.ibmcloud.com/vulnerabilities/251465
https://security.netapp.com/advisory/ntap-20230814-0001/
https://www.ibm.com/support/pages/node/7006413