Описание
IBM Watson Query on Cloud Pak for Data 1.8, 2.0, 2.1, 2.2 and IBM Db2 Big SQL on Cloud Pak for Data 7.3, 7.4, 7.5, and 7.6 could allow an authenticated user to obtain sensitive information due to insufficient session expiration.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ibm:big_sql:7.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:big_sql:7.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:big_sql:7.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:big_sql:7.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:watson_query_with_cloud_pak_for_data:1.8:*:*:*:*:*:*:*
cpe:2.3:a:ibm:watson_query_with_cloud_pak_for_data:2.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:watson_query_with_cloud_pak_for_data:2.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:watson_query_with_cloud_pak_for_data:2.2:*:*:*:*:*:*:*
EPSS
Процентиль: 12%
0.00039
Низкий
4.3 Medium
CVSS3
6.5 Medium
CVSS3
Дефекты
CWE-613
Связанные уязвимости
CVSS3: 4.3
github
около 1 года назад
IBM Watson Query on Cloud Pak for Data 1.8, 2.0, 2.1, 2.2 and IBM Db2 Big SQL on Cloud Pak for Data 7.3, 7.4, 7.5, and 7.6 could allow an authenticated user to obtain sensitive information due to insufficient session expiration.
EPSS
Процентиль: 12%
0.00039
Низкий
4.3 Medium
CVSS3
6.5 Medium
CVSS3
Дефекты
CWE-613