Main Vulnerability Database Vulnerabilities #VU73977

Missing Encryption of Sensitive Data in Watson CP4D Data Stores - CVE-2023-26282

Published: March 23, 2023

Vulnerability identifier: #VU73977

CSH Severity: Low

CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2023-26282

CWE-ID: CWE-311

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Watson CP4D Data Stores

Software vendor:
IBM Corporation

Description

The vulnerability allows an attacker to modify files on the system.

The vulnerability exists due to IBM Watson CP4D Data Stores does not protect itself against unauthorized physical impact. An attacker with physical access and specific knowledge of the system to modify files or data on the system.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

External links

https://www.ibm.com/support/pages/node/6965452

Missing Encryption of Sensitive Data in Watson CP4D Data Stores - CVE-2023-26282

Description

Remediation

External links

Please verify you're human