CVE-2024-35160

Summary

IBM Watson Query on Cloud Pak for Data 1.8, 2.0, 2.1, 2.2 and IBM Db2 Big SQL on Cloud Pak for Data 7.3, 7.4, 7.5, and 7.6 could allow an authenticated user to obtain sensitive information due to insufficient session expiration.

Affected Software

VendorProductVersion RangeStatus
IBMWatson Query for Cloud Pak for Data1.8, 2.0, 2.1, 2.2affected
IBMDb2 Big SQL on Cloud Pak for Data7.3, 7.4, 7.5, 7.6affected

Weaknesses

  • CWE-613: CWE-613 Insufficient Session Expiration

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References