CVE-2024-22341

Name of the Vulnerable Software and Affected Versions IBM Watson Query on Cloud Pak for Data versions 4.0.0 through 4.0.9 IBM Watson Query on Cloud Pak for Data versions 4.5.0 through 4.5.3 IBM Watson Query on Cloud Pak for Data versions 4.6.0 through 4.6.6 IBM Watson Query on Cloud Pak for Data versions 4.7.0 through 4.7.4 IBM Watson Query on Cloud Pak for Data versions 4.8.0 through 4.8.7

Description The issue is related to improper privilege management, which could allow unauthorized data access from a remote data source object. This is due to a privilege escalation issue.

Recommendations For versions 4.0.0 through 4.0.9, update to a version outside of this range to resolve the issue. For versions 4.5.0 through 4.5.3, update to a version outside of this range to resolve the issue. For versions 4.6.0 through 4.6.6, update to a version outside of this range to resolve the issue. For versions 4.7.0 through 4.7.4, update to a version outside of this range to resolve the issue. For versions 4.8.0 through 4.8.7, update to a version outside of this range to resolve the issue. As a temporary workaround, consider restricting access to remote data source objects to minimize the risk of unauthorized data access.