PT-2023-8821 · Ibm · Ibm Watson Cp4D Data Stores
Published
2023-03-22
·
Updated
2024-12-23
·
CVE-2023-27291
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Watson CP4D Data Stores versions 4.6.0 through 4.6.3
Description
The issue is related to the lack of encryption for sensitive or critical information before storage or transmission, which could allow an attacker to obtain sensitive information. This could enable a remote attacker to gain unauthorized access to protected information.
Recommendations
For versions 4.6.0 through 4.6.3, consider implementing encryption for sensitive or critical information before storage or transmission as a temporary workaround until a patch is available. Restrict access to sensitive data to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Cleartext Transmission of Sensitive Information
Missing Encryption of Sensitive Data
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Ibm Watson Cp4D Data Stores