How severe is CVE-2023-23469?

Medium severity. CVSS v3 base score is 4.0 out of 10.

Vulnerability in Ibm Cloud Pak For Business Automation

CVE-2023-23469

IBM ICP4A - Automation Decision Services 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 allows web pages to be stored locally which can be read by another user on the sys…

EPSS: 0.001 (16.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.0 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N.

Affected products

Ibm Cloud Pak For Business Automation — versions 18.0.0, 18.0.1,18.0.2,19.0.1,19.0.2,19.0.3,20.0.1,20.0.2,20.0.3,21.0.1,21.0.2,21.0.3,22.0.1,22.0.2

References

www.ibm.com/support/pages/node/6857999 (vendor-advisory)
exchange.xforce.ibmcloud.com/vulnerabilities/244504 (vdb-entry)

Frequently asked questions

What is CVE-2023-23469?: CVE-2023-23469 is a medium-severity vulnerability in Ibm Cloud Pak For Business Automation. CVSS score: 4.0/10. Published 2023-02-01.
How severe is CVE-2023-23469?: Medium severity. CVSS v3 base score is 4.0 out of 10.