Ibm Watson Cp4D Data Stores vulnerabilities

CVE-2023-40694 [MEDIUM] CWE-532 CVE-2023-40694: IBM Watson CP4D Data Stores 4.0.0 through 4.8.4 stores potentially sensitive information in log file IBM Watson CP4D Data Stores 4.0.0 through 4.8.4 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 264838.

CVE-2023-26282 [MEDIUM] CWE-73 CVE-2023-26282: IBM Watson CP4D Data Stores 4.6.0 through 4.6.3 could allow a user with physical access and specific IBM Watson CP4D Data Stores 4.6.0 through 4.6.3 could allow a user with physical access and specific knowledge of the system to modify files or data on the system. IBM X-Force ID: 248415.

CVE-2023-27291 [MEDIUM] CWE-319 CVE-2023-27291: IBM Watson CP4D Data Stores 4.6.0, 4.6.1, 4.6.2, and 4.6.3 does not encrypt sensitive or critical in IBM Watson CP4D Data Stores 4.6.0, 4.6.1, 4.6.2, and 4.6.3 does not encrypt sensitive or critical information before storage or transmission which could allow an attacker to obtain sensitive information. IBM X-Force ID: 248740.

CVE-2023-28512 [MEDIUM] CWE-472 CVE-2023-28512: IBM Watson CP4D Data Stores 4.6.0, 4.6.1, and 4.6.2 could allow an attacker with specific knowledge IBM Watson CP4D Data Stores 4.6.0, 4.6.1, and 4.6.2 could allow an attacker with specific knowledge about the system to manipulate data due to improper input validation. IBM X-Force ID: 250396.

CVE-2023-27540 [MEDIUM] CWE-770 CVE-2023-27540: IBM Watson CP4D Data Stores 4.6.0 does not properly allocate resources without limits or throttling IBM Watson CP4D Data Stores 4.6.0 does not properly allocate resources without limits or throttling which could allow a remote attacker with information specific to the system to cause a denial of service. IBM X-Force ID: 248924.