PT-2023-4607 · Ibm · Ibm Cognos Analytics On Cloud Pak For Data
Published
2023-03-29
·
Updated
2023-08-14
·
CVE-2023-28953
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Cognos Analytics on Cloud Pak for Data version 4.0
Description
The issue is related to insufficient protection of service data when processing the
seccomp parameter, which could allow a remote attacker to compromise the security of containers due to a misconfigured security context. This might impact the integrity of protected information.Recommendations
For IBM Cognos Analytics on Cloud Pak for Data version 4.0, consider restricting access to the
seccomp parameter to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.Cleartext Storage of Sensitive Information
Insecure Storage of Sensitive Information
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Ibm Cognos Analytics On Cloud Pak For Data