PT-2023-20434 · Ibm · Planning Analytics Cartridge For Cloud Pak For Data
Published
2023-07-19
·
Updated
2023-07-28
·
CVE-2023-26026
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Planning Analytics Cartridge for Cloud Pak for Data version 4.0
Description
The issue exposes sensitive information in logs, which could lead an attacker to exploit it and conduct further attacks.
Recommendations
For Planning Analytics Cartridge for Cloud Pak for Data version 4.0, consider restricting access to log files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Information Disclosure
Insertion into Log File
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Planning Analytics Cartridge For Cloud Pak For Data