Search criteria
3 vulnerabilities found for automation_decision_services by ibm
FKIE_CVE-2024-31906
Vulnerability from fkie_nvd - Published: 2025-01-26 15:15 - Updated: 2025-08-14 19:05
Severity ?
Summary
IBM Automation Decision Services 23.0.2 allows web pages to be stored locally which can be read by another user on the system.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@us.ibm.com | https://www.ibm.com/support/pages/node/7150662 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | automation_decision_services | 23.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:automation_decision_services:23.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1631CFA8-328C-4059-BBB4-01EBC8D15D64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Automation Decision Services 23.0.2 allows web pages to be stored locally which can be read by another user on the system."
},
{
"lang": "es",
"value": "IBM Automation Decision Services 23.0.2 permite que las p\u00e1ginas web se almacenen localmente y que otro usuario pueda leerlas en sistema."
}
],
"id": "CVE-2024-31906",
"lastModified": "2025-08-14T19:05:15.953",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.5,
"impactScore": 3.6,
"source": "psirt@us.ibm.com",
"type": "Secondary"
}
]
},
"published": "2025-01-26T15:15:22.770",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ibm.com/support/pages/node/7150662"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-525"
}
],
"source": "psirt@us.ibm.com",
"type": "Secondary"
}
]
}
CVE-2024-31906 (GCVE-0-2024-31906)
Vulnerability from cvelistv5 – Published: 2025-01-26 14:36 – Updated: 2025-01-27 14:52
VLAI?
Title
IBM Automation Decision Services information disclosure
Summary
IBM Automation Decision Services 23.0.2 allows web pages to be stored locally which can be read by another user on the system.
Severity ?
6.2 (Medium)
CWE
- CWE-525 - Information Exposure Through Browser Caching
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Automation Decision Services |
Affected:
23.0.2
cpe:2.3:a:ibm:automation_decision_services:23.0.2:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31906",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T14:39:49.483063Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T14:52:33.452Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:automation_decision_services:23.0.2:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Automation Decision Services",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "23.0.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM Automation Decision Services 23.0.2 allows web pages to be stored locally which can be read by another user on the system."
}
],
"value": "IBM Automation Decision Services 23.0.2 allows web pages to be stored locally which can be read by another user on the system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-525",
"description": "CWE-525 Information Exposure Through Browser Caching",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-26T14:36:29.428Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.ibm.com/support/pages/node/7150662"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM Automation Decision Services information disclosure",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2024-31906",
"datePublished": "2025-01-26T14:36:29.428Z",
"dateReserved": "2024-04-07T12:45:07.197Z",
"dateUpdated": "2025-01-27T14:52:33.452Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31906 (GCVE-0-2024-31906)
Vulnerability from nvd – Published: 2025-01-26 14:36 – Updated: 2025-01-27 14:52
VLAI?
Title
IBM Automation Decision Services information disclosure
Summary
IBM Automation Decision Services 23.0.2 allows web pages to be stored locally which can be read by another user on the system.
Severity ?
6.2 (Medium)
CWE
- CWE-525 - Information Exposure Through Browser Caching
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Automation Decision Services |
Affected:
23.0.2
cpe:2.3:a:ibm:automation_decision_services:23.0.2:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31906",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T14:39:49.483063Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T14:52:33.452Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:automation_decision_services:23.0.2:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Automation Decision Services",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "23.0.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM Automation Decision Services 23.0.2 allows web pages to be stored locally which can be read by another user on the system."
}
],
"value": "IBM Automation Decision Services 23.0.2 allows web pages to be stored locally which can be read by another user on the system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-525",
"description": "CWE-525 Information Exposure Through Browser Caching",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-26T14:36:29.428Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.ibm.com/support/pages/node/7150662"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM Automation Decision Services information disclosure",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2024-31906",
"datePublished": "2025-01-26T14:36:29.428Z",
"dateReserved": "2024-04-07T12:45:07.197Z",
"dateUpdated": "2025-01-27T14:52:33.452Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}