What is the severity of CVE-2023-50959?

CVE-2023-50959 has a not specified severity rating that indicates potential risks related to document queries in IBM Business Automation Workflow.

How do I fix CVE-2023-50959?

To fix CVE-2023-50959, apply the latest patches or updates provided by IBM for the affected versions of Cloud Pak for Business Automation.

Which versions are affected by CVE-2023-50959?

CVE-2023-50959 affects IBM Cloud Pak for Business Automation versions 18.0.0 through 23.0.2.

What type of issue does CVE-2023-50959 represent?

CVE-2023-50959 represents a vulnerability that allows unintended document access from an Enterprise Content Management system.

Who is affected by CVE-2023-50959?

End users of IBM Business Automation Workflow who utilize a system account for interacting with connected Enterprise Content Management systems are affected by CVE-2023-50959.

Vulnerability/
CVE-2023-50959

medium

6.5

CWE

497

28/3/2024

31/3/2024

2/8/2024

CVE-2023-50959: IBM Cloud Pak for Business Automation information disclosure

First published: Thu Mar 28 2024(Updated: )

IBM Business Automation Workflow may allow end users to query more documents than expected from a connected Enterprise Content Management system when configured to use a system account.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM Cloud Pak for Business Automation	=18.0.0
IBM Cloud Pak for Business Automation	=18.0.1
IBM Cloud Pak for Business Automation	=18.0.2
IBM Cloud Pak for Business Automation	=19.0.1
IBM Cloud Pak for Business Automation	=19.0.2
IBM Cloud Pak for Business Automation	=19.0.3
IBM Cloud Pak for Business Automation	=20.0.1
IBM Cloud Pak for Business Automation	=20.0.2
IBM Cloud Pak for Business Automation	=20.0.3
IBM Cloud Pak for Business Automation	=21.0.1
IBM Cloud Pak for Business Automation	=21.0.2
IBM Cloud Pak for Business Automation	=21.0.3
IBM Cloud Pak for Business Automation	=22.0.1
IBM Cloud Pak for Business Automation	=22.0.2
IBM Cloud Pak for Business Automation	=23.0.1
IBM Cloud Pak for Business Automation	=23.0.2

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

IBM-7145492

Frequently Asked Questions

What is the severity of CVE-2023-50959?
CVE-2023-50959 has a not specified severity rating that indicates potential risks related to document queries in IBM Business Automation Workflow.
How do I fix CVE-2023-50959?
To fix CVE-2023-50959, apply the latest patches or updates provided by IBM for the affected versions of Cloud Pak for Business Automation.
Which versions are affected by CVE-2023-50959?
CVE-2023-50959 affects IBM Cloud Pak for Business Automation versions 18.0.0 through 23.0.2.
What type of issue does CVE-2023-50959 represent?
CVE-2023-50959 represents a vulnerability that allows unintended document access from an Enterprise Content Management system.
Who is affected by CVE-2023-50959?
End users of IBM Business Automation Workflow who utilize a system account for interacting with connected Enterprise Content Management systems are affected by CVE-2023-50959.

agent/title
agent/references
agent/weakness
agent/type
collector/ibm-support
source/IBM
agent/description
agent/event
agent/first-publish-date
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/severity
agent/author
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/trending
agent/tags
agent/source
vendor/ibm
canonical/ibm cloud pak for business automation
version/ibm cloud pak for business automation/18.0.0
version/ibm cloud pak for business automation/18.0.1
version/ibm cloud pak for business automation/18.0.2
version/ibm cloud pak for business automation/19.0.1
version/ibm cloud pak for business automation/19.0.2
version/ibm cloud pak for business automation/19.0.3
version/ibm cloud pak for business automation/20.0.1
version/ibm cloud pak for business automation/20.0.2
version/ibm cloud pak for business automation/20.0.3
version/ibm cloud pak for business automation/21.0.1
version/ibm cloud pak for business automation/21.0.2
version/ibm cloud pak for business automation/21.0.3
version/ibm cloud pak for business automation/22.0.1
version/ibm cloud pak for business automation/22.0.2
version/ibm cloud pak for business automation/23.0.1
version/ibm cloud pak for business automation/23.0.2