CVE-2023-50959

IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2,19.0.1, 19.0.2, 19.0.3,20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1,2 2.0.2, 23.0.1, and 23.0.2 may allow end users to query more documents than expected from a connected Enterprise Content Management system when configured to use a system account.  IBM X-Force ID:  275938.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.3 MEDIUM
NETWORK
HIGH
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
ibmCNA
5.3 MEDIUM
NETWORK
HIGH
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
CISA-ADPADP
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 16%
VendorProductVersion
ibmcloud_pak_for_business_automation
18.0.0
ibmcloud_pak_for_business_automation
18.0.1
ibmcloud_pak_for_business_automation
18.0.2
ibmcloud_pak_for_business_automation
19.0.1
ibmcloud_pak_for_business_automation
19.0.2
ibmcloud_pak_for_business_automation
19.0.3
ibmcloud_pak_for_business_automation
20.0.1
ibmcloud_pak_for_business_automation
20.0.2
ibmcloud_pak_for_business_automation
20.0.3
ibmcloud_pak_for_business_automation
21.0.1
ibmcloud_pak_for_business_automation
21.0.2
ibmcloud_pak_for_business_automation
21.0.3
ibmcloud_pak_for_business_automation
22.0.1
ibmcloud_pak_for_business_automation
22.0.2
ibmcloud_pak_for_business_automation
23.0.1
ibmcloud_pak_for_business_automation
23.0.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/275938
https://www.ibm.com/support/pages/node/7145492
https://exchange.xforce.ibmcloud.com/vulnerabilities/275938
https://www.ibm.com/support/pages/node/7145492