Search criteria
2 vulnerabilities found for Automation Decision Services by IBM
CVE-2024-31906 (GCVE-0-2024-31906)
Vulnerability from cvelistv5 – Published: 2025-01-26 14:36 – Updated: 2025-01-27 14:52
VLAI?
Title
IBM Automation Decision Services information disclosure
Summary
IBM Automation Decision Services 23.0.2 allows web pages to be stored locally which can be read by another user on the system.
Severity ?
6.2 (Medium)
CWE
- CWE-525 - Information Exposure Through Browser Caching
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Automation Decision Services |
Affected:
23.0.2
cpe:2.3:a:ibm:automation_decision_services:23.0.2:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31906",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T14:39:49.483063Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T14:52:33.452Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:automation_decision_services:23.0.2:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Automation Decision Services",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "23.0.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM Automation Decision Services 23.0.2 allows web pages to be stored locally which can be read by another user on the system."
}
],
"value": "IBM Automation Decision Services 23.0.2 allows web pages to be stored locally which can be read by another user on the system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-525",
"description": "CWE-525 Information Exposure Through Browser Caching",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-26T14:36:29.428Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.ibm.com/support/pages/node/7150662"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM Automation Decision Services information disclosure",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2024-31906",
"datePublished": "2025-01-26T14:36:29.428Z",
"dateReserved": "2024-04-07T12:45:07.197Z",
"dateUpdated": "2025-01-27T14:52:33.452Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31906 (GCVE-0-2024-31906)
Vulnerability from nvd – Published: 2025-01-26 14:36 – Updated: 2025-01-27 14:52
VLAI?
Title
IBM Automation Decision Services information disclosure
Summary
IBM Automation Decision Services 23.0.2 allows web pages to be stored locally which can be read by another user on the system.
Severity ?
6.2 (Medium)
CWE
- CWE-525 - Information Exposure Through Browser Caching
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Automation Decision Services |
Affected:
23.0.2
cpe:2.3:a:ibm:automation_decision_services:23.0.2:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31906",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T14:39:49.483063Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T14:52:33.452Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:automation_decision_services:23.0.2:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Automation Decision Services",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "23.0.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM Automation Decision Services 23.0.2 allows web pages to be stored locally which can be read by another user on the system."
}
],
"value": "IBM Automation Decision Services 23.0.2 allows web pages to be stored locally which can be read by another user on the system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-525",
"description": "CWE-525 Information Exposure Through Browser Caching",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-26T14:36:29.428Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.ibm.com/support/pages/node/7150662"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM Automation Decision Services information disclosure",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2024-31906",
"datePublished": "2025-01-26T14:36:29.428Z",
"dateReserved": "2024-04-07T12:45:07.197Z",
"dateUpdated": "2025-01-27T14:52:33.452Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}