CVE-2023-28953

low-risk

Published 2023-07-10

IBM Cognos Analytics on Cloud Pak for Data 4.0 could allow an attacker to make system calls that might compromise the security of the containers due to misconfigured security context. IBM X-Force ID: 251465.

Do I need to act?

0.06% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 3.1/10 Low

NETWORK / HIGH complexity

Affected Products (1)

Cognos Analytics Cartridge For Ibm Cloud Pak For Data

Affected Vendors

Ibm

References (6)

VDB Entry https://exchange.xforce.ibmcloud.com/vulnerabilities/251465

https://security.netapp.com/advisory/ntap-20230814-0001/

Patch https://www.ibm.com/support/pages/node/7006413

VDB Entry https://exchange.xforce.ibmcloud.com/vulnerabilities/251465

https://security.netapp.com/advisory/ntap-20230814-0001/

Patch https://www.ibm.com/support/pages/node/7006413

/ 100

low-risk

Severity 11/34 · Low

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal