CVE-2024-35160

{"id": "CVE-2024-35160", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@us.ibm.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2024-11-23T14:15:18.393", "references": [{"url": "https://www.ibm.com/support/pages/node/7168703", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}, {"url": "https://www.ibm.com/support/pages/node/7176947", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "psirt@us.ibm.com", "description": [{"lang": "en", "value": "CWE-613"}]}], "descriptions": [{"lang": "en", "value": "IBM Watson Query on Cloud Pak for Data 1.8, 2.0, 2.1, 2.2\u00a0and IBM Db2 Big SQL on Cloud Pak for Data 7.3, 7.4, 7.5, and 7.6\u00a0could allow an authenticated user to obtain sensitive information due to insufficient session expiration."}, {"lang": "es", "value": "IBM Watson Query en Cloud Pak for Data 1.8, 2.0, 2.1, 2.2 e IBM Db2 Big SQL en Cloud Pak for Data 7.3, 7.4, 7.5 y 7.6 podr\u00edan permitir que un usuario autenticado obtenga informaci\u00f3n confidencial debido a una expiraci\u00f3n de sesi\u00f3n insuficiente."}], "lastModified": "2024-11-26T19:08:22.473", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:big_sql:7.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F847F14F-2D58-4E50-B28E-A8F2BE6BE148"}, {"criteria": "cpe:2.3:a:ibm:big_sql:7.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F5CA4981-7EA0-41BB-8450-1EF995DC2DA2"}, {"criteria": "cpe:2.3:a:ibm:big_sql:7.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D13EB5A5-B222-49A3-9931-ED9D00E2FC93"}, {"criteria": "cpe:2.3:a:ibm:big_sql:7.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0F238E3E-4891-4089-A3F0-128B7B947ABD"}, {"criteria": "cpe:2.3:a:ibm:watson_query_with_cloud_pak_for_data:1.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F682C06-34BF-42E4-8C05-93B142C47D22"}, {"criteria": "cpe:2.3:a:ibm:watson_query_with_cloud_pak_for_data:2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D451E18-6883-44F7-90A0-50B539D34D65"}, {"criteria": "cpe:2.3:a:ibm:watson_query_with_cloud_pak_for_data:2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B063DD40-B8CE-45EF-A692-99E2B5ED4616"}, {"criteria": "cpe:2.3:a:ibm:watson_query_with_cloud_pak_for_data:2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6EF1367E-3931-479D-882F-B75FD5CA241A"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@us.ibm.com"}