Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for Automation Decision Services by IBM

    CVE-2024-31906 (GCVE-0-2024-31906)

    Vulnerability from nvd – Published: 2025-01-26 14:36 – Updated: 2025-01-27 14:52
    VLAI
    Title
    IBM Automation Decision Services information disclosure
    Summary
    IBM Automation Decision Services 23.0.2 allows web pages to be stored locally which can be read by another user on the system.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-525 - Information Exposure Through Browser Caching
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Automation Decision Services Affected: 23.0.2
        cpe:2.3:a:ibm:automation_decision_services:23.0.2:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31906",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-27T14:39:49.483063Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-27T14:52:33.452Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:automation_decision_services:23.0.2:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "Automation Decision Services",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "23.0.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "IBM Automation Decision Services 23.0.2 allows web pages to be stored locally which can be read by another user on the system."
                }
              ],
              "value": "IBM Automation Decision Services 23.0.2 allows web pages to be stored locally which can be read by another user on the system."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-525",
                  "description": "CWE-525 Information Exposure Through Browser Caching",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-26T14:36:29.428Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.ibm.com/support/pages/node/7150662"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "IBM Automation Decision Services information disclosure",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2024-31906",
        "datePublished": "2025-01-26T14:36:29.428Z",
        "dateReserved": "2024-04-07T12:45:07.197Z",
        "dateUpdated": "2025-01-27T14:52:33.452Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-31906 (GCVE-0-2024-31906)

    Vulnerability from cvelistv5 – Published: 2025-01-26 14:36 – Updated: 2025-01-27 14:52
    VLAI
    Title
    IBM Automation Decision Services information disclosure
    Summary
    IBM Automation Decision Services 23.0.2 allows web pages to be stored locally which can be read by another user on the system.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-525 - Information Exposure Through Browser Caching
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Automation Decision Services Affected: 23.0.2
        cpe:2.3:a:ibm:automation_decision_services:23.0.2:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31906",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-27T14:39:49.483063Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-27T14:52:33.452Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:automation_decision_services:23.0.2:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "Automation Decision Services",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "23.0.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "IBM Automation Decision Services 23.0.2 allows web pages to be stored locally which can be read by another user on the system."
                }
              ],
              "value": "IBM Automation Decision Services 23.0.2 allows web pages to be stored locally which can be read by another user on the system."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-525",
                  "description": "CWE-525 Information Exposure Through Browser Caching",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-26T14:36:29.428Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.ibm.com/support/pages/node/7150662"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "IBM Automation Decision Services information disclosure",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2024-31906",
        "datePublished": "2025-01-26T14:36:29.428Z",
        "dateReserved": "2024-04-07T12:45:07.197Z",
        "dateUpdated": "2025-01-27T14:52:33.452Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }