CVE-2022-38714 MEDIUM

CVE-2022-38714: IBM DataStage on Cloud Pak for Data information disclosure

Vendor Ibm
Product DataStage on Cloud Pak for Data
Published February 12, 2024
Last update March 18, 2025

CVSS base score

4.9/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

IBM DataStage on Cloud Pak for Data 4.0.6 to 4.5.2 stores sensitive credential information that can be read by a privileged user. IBM X-Force ID: 235060.

Key dates

02Disclosure timeline

February 12, 2024 CVE published
March 18, 2025 Record updated