CVE-2024-22341

Summary

IBM Watson Query on Cloud Pak for Data 4.0.0 through 4.0.9, 4.5.0 through 4.5.3, 4.6.0 through 4.6.6, 4.7.0 through 4.7.4, and 4.8.0 through 4.8.7 could allow unauthorized data access from a remote data source object due to improper privilege management.

Affected Software

VendorProductVersion RangeStatus
IBMWatson Query on Cloud Pak for Data4.8.0 <= 4.8.7affected
IBMWatson Query on Cloud Pak for Data4.7.0 <= 4.7.4affected
IBMWatson Query on Cloud Pak for Data4.6.0 <= 4.6.6affected
IBMWatson Query on Cloud Pak for Data4.5.0 <= 4.5.3affected
IBMWatson Query on Cloud Pak for Data4.0.0 <= 4.0.9affected

Weaknesses

  • CWE-73: CWE-73 External Control of File Name or Path

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References