CVE-2023-28953
IBM Cognos Analytics on Cloud Pak for Data improper access control
Vexday Risk Score
8Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 3.1EPSS 0.6%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Lifecycle
10 Jul 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
IBM Cognos Analytics on Cloud Pak for Data 4.0 could allow an attacker to make system calls that might compromise the security of the containers due to misconfigured security context. IBM X-Force ID: 251465.
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
Affected products
IBM · Cognos Analytics Cartridge for Cloud Pak for Data