CVE-2023-28953 LOW

CVE-2023-28953: IBM Cognos Analytics on Cloud Pak for Data improper access control

Vendor Ibm
Product Cognos Analytics Cartridge for Cloud Pak for Data
Published July 10, 2023
Last update February 13, 2025

CVSS base score

3.1/10
Attack vector Network
Attack complexity High
Privileges required Low
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

IBM Cognos Analytics on Cloud Pak for Data 4.0 could allow an attacker to make system calls that might compromise the security of the containers due to misconfigured security context. IBM X-Force ID: 251465.

Key dates

02Disclosure timeline

July 10, 2023 CVE published
February 13, 2025 Record updated