admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 01:02:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-351xx/CVE-2024-35160.json
cad-safe-bot a7b01566d8 Auto-Update: 2024-11-26T21:01:59.977631+00:00
2024-11-26 21:05:12 +00:00

142 lines
4.5 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-35160",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-11-23T14:15:18.393",
"lastModified": "2024-11-26T19:08:22.473",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Watson Query on Cloud Pak for Data 1.8, 2.0, 2.1, 2.2\u00a0and IBM Db2 Big SQL on Cloud Pak for Data 7.3, 7.4, 7.5, and 7.6\u00a0could allow an authenticated user to obtain sensitive information due to insufficient session expiration."
},
{
"lang": "es",
"value": "IBM Watson Query en Cloud Pak for Data 1.8, 2.0, 2.1, 2.2 e IBM Db2 Big SQL en Cloud Pak for Data 7.3, 7.4, 7.5 y 7.6 podr\u00edan permitir que un usuario autenticado obtenga informaci\u00f3n confidencial debido a una expiraci\u00f3n de sesi\u00f3n insuficiente."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-613"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:big_sql:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F847F14F-2D58-4E50-B28E-A8F2BE6BE148"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:big_sql:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F5CA4981-7EA0-41BB-8450-1EF995DC2DA2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:big_sql:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D13EB5A5-B222-49A3-9931-ED9D00E2FC93"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:big_sql:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0F238E3E-4891-4089-A3F0-128B7B947ABD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:watson_query_with_cloud_pak_for_data:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "3F682C06-34BF-42E4-8C05-93B142C47D22"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:watson_query_with_cloud_pak_for_data:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D451E18-6883-44F7-90A0-50B539D34D65"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:watson_query_with_cloud_pak_for_data:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B063DD40-B8CE-45EF-A692-99E2B5ED4616"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:watson_query_with_cloud_pak_for_data:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6EF1367E-3931-479D-882F-B75FD5CA241A"
}
]
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7168703",
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7176947",
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink