We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2023-27877

IBM Planning Analytics Cartridge for Cloud Pak for Data information disclosure



Assigneribm
Reserved2023-03-06
Published2023-07-19
Updated2024-10-28

Description

IBM Planning Analytics Cartridge for Cloud Pak for Data 4.0 connects to a CouchDB server. An attacker can exploit an insecure password policy to the CouchDB server and collect sensitive information from the database. IBM X-Force ID: 247905.



MEDIUM: 5.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Product status

Default status
unaffected

4.0
affected

References

https://www.ibm.com/support/pages/node/6999351 vendor-advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/247905 vdb-entry

cve.org CVE-2023-27877

nvd.nist.gov CVE-2023-27877

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2023-27877
Subscribe to our newsletter to learn more about our work.