{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2023-38271","assignerOrgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","state":"PUBLISHED","assignerShortName":"ibm","dateReserved":"2023-07-14T00:46:14.890Z","datePublished":"2025-01-25T13:57:18.288Z","dateUpdated":"2025-01-27T17:00:45.724Z"},"containers":{"cna":{"affected":[{"cpes":["cpe:2.3:a:ibm:cloud_pak_system:2.3.3.0:*:*:*:*:*:*:*","cpe:2.3:a:ibm:cloud_pak_system:2.3.3.3:*:*:*:*:*:*:*","cpe:2.3:a:ibm:cloud_pak_system:2.3.3.3:ifix1:*:*:*:*:*:*","cpe:2.3:a:ibm:cloud_pak_system:2.3.3.4:*:*:*:*:*:*:*","cpe:2.3:a:ibm:cloud_pak_system:2.3.3.5:*:*:*:*:*:*:*","cpe:2.3:a:ibm:cloud_pak_system:2.3.3.6:*:*:*:*:*:*:*","cpe:2.3:a:ibm:cloud_pak_system:2.3.3.6:ifix1:*:*:*:*:*:*","cpe:2.3:a:ibm:cloud_pak_system:2.3.3.6:ifix2:*:*:*:*:*:*","cpe:2.3:a:ibm:cloud_pak_system:2.3.3.7:*:*:*:*:*:*:*","cpe:2.3:a:ibm:cloud_pak_system:2.3.3.7:ifix1:*:*:*:*:*:*"],"defaultStatus":"unaffected","product":"Cloud Pak System","vendor":"IBM","versions":[{"status":"affected","version":"2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.3.7, and 2.3.3.7 iFix1 could allow an authenticated user to obtain sensitive information from log files."}],"value":"IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.3.7, and 2.3.3.7 iFix1 could allow an authenticated user to obtain sensitive information from log files."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":4.3,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-532","description":"CWE-532 Insertion of Sensitive Information into Log File","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","shortName":"ibm","dateUpdated":"2025-01-25T13:57:18.288Z"},"references":[{"url":"https://www.ibm.com/support/pages/node/7159533"}],"source":{"discovery":"UNKNOWN"},"title":"IBM Cloud Pak System information disclosure","x_generator":{"engine":"Vulnogram 0.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-01-27T17:00:35.776203Z","id":"CVE-2023-38271","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-01-27T17:00:45.724Z"}}]}}