PT-2024-12720 · Ibm · Ibm Watson Iot Platform
Md Rabbi Alam
·
Published
2024-02-28
·
Updated
2025-02-14
·
CVE-2023-38372
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Watson IoT Platform version 1.0
Description
An unauthorized attacker who has obtained an IBM Watson IoT Platform security authentication token can use it to impersonate an authorized platform user.
Recommendations
For IBM Watson IoT Platform version 1.0, as a temporary workaround, consider restricting access to sensitive areas of the platform to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Watson Iot Platform