5.9
CVE-2023-28512
- EPSS 0.07%
- Veröffentlicht 03.03.2024 16:15:49
- Zuletzt bearbeitet 29.01.2025 21:26:57
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
LoginIBM Watson CP4D Data Stores improper input validation
IBM Watson CP4D Data Stores 4.6.0, 4.6.1, and 4.6.2 could allow an attacker with specific knowledge about the system to manipulate data due to improper input validation. IBM X-Force ID: 250396.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Watson Cp4d Data Stores Version4.6.0
Ibm ≫ Watson Cp4d Data Stores Version4.6.1
Ibm ≫ Watson Cp4d Data Stores Version4.6.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.07% | 0.211 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.9 | 2.2 | 3.6 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
|
| psirt@us.ibm.com | 5.9 | 2.2 | 3.6 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
|
CWE-472 External Control of Assumed-Immutable Web Parameter
The web application does not sufficiently verify inputs that are assumed to be immutable but are actually externally controllable, such as hidden form fields.