CVE-2023-27545: IBM Watson CloudPak for Data Data Stores information disclosure
First published: Wed Mar 22 2023(Updated: )
IBM Watson CloudPak for Data Data Stores information disclosure 4.6.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 248947.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Watson Cloud Pak for Data Data Stores | <=pre-4.6.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-27545?
CVE-2023-27545 is classified as a moderate severity vulnerability due to potential information disclosure issues.
How do I fix CVE-2023-27545?
To fix CVE-2023-27545, users should upgrade to IBM Watson CloudPak for Data Data Stores version 4.6.3 or later.
What impact does CVE-2023-27545 have on users?
CVE-2023-27545 allows local web pages to be read by another user on the system, potentially exposing sensitive information.
Which versions of IBM Watson CloudPak for Data Data Stores are affected by CVE-2023-27545?
CVE-2023-27545 affects IBM Watson CloudPak for Data Data Stores versions prior to 4.6.3.
Is there a workaround for CVE-2023-27545?
Currently, the best approach for CVE-2023-27545 is to apply the available update to mitigate the risk.
- agent/title
- agent/references
- agent/weakness
- agent/description
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/severity
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/trending
- agent/source
- agent/tags
- collector/ibm-support
- source/IBM
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/ibm
- canonical/ibm watson cloud pak for data data stores
- version/ibm watson cloud pak for data data stores/pre-4.6.3