CVE-2023-38010

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-38010
IBM Cloud Pak System displays sensitive information in user messages that could aid in further attacks against the system.

5.3 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://www.ibm.com/support/pages/node/7254419 Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:cloud_pak_system:2.3.4.0:-:*:*:*:*:*:*
cpe:2.3:a:ibm:cloud_pak_system:2.3.4.1:-:*:*:*:*:*:*
cpe:2.3:a:ibm:cloud_pak_system:2.3.4.1:ifix1:*:*:*:*:*:*
cpe:2.3:a:ibm:cloud_pak_system:2.3.5.0:-:*:*:*:*:*:*
cpe:2.3:a:ibm:cloud_pak_system:2.3.6.0:-:*:*:*:*:*:*
cpe:2.3:a:ibm:os_image_for_red_hat_linux_systems:4.0.4.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:os_image_for_red_hat_linux_systems:4.0.5.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:os_image_for_red_hat_linux_systems:4.0.6.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:os_image_for_red_hat_linux_systems:4.0.7.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:os_image_for_red_hat_linux_systems:5.0.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:os_image_for_red_hat_linux_systems:5.0.1.0:*:*:*:*:*:*:*
History

25 Feb 2026, 15:09

Type Values Removed Values Added
First Time Ibm cloud Pak System
Ibm
Ibm os Image For Red Hat Linux Systems
Summary
  • (es) IBM Cloud Pak System muestra información sensible en mensajes de usuario que podría ayudar en ataques posteriores contra el sistema.
References () https://www.ibm.com/support/pages/node/7254419 - () https://www.ibm.com/support/pages/node/7254419 - Vendor Advisory
CPE cpe:2.3:a:ibm:os_image_for_red_hat_linux_systems:5.0.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:cloud_pak_system:2.3.4.1:ifix1:*:*:*:*:*:*
cpe:2.3:a:ibm:os_image_for_red_hat_linux_systems:4.0.6.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:os_image_for_red_hat_linux_systems:4.0.7.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:cloud_pak_system:2.3.4.0:-:*:*:*:*:*:*
cpe:2.3:a:ibm:os_image_for_red_hat_linux_systems:5.0.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:cloud_pak_system:2.3.4.1:-:*:*:*:*:*:*
cpe:2.3:a:ibm:os_image_for_red_hat_linux_systems:4.0.4.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:cloud_pak_system:2.3.5.0:-:*:*:*:*:*:*
cpe:2.3:a:ibm:cloud_pak_system:2.3.6.0:-:*:*:*:*:*:*
cpe:2.3:a:ibm:os_image_for_red_hat_linux_systems:4.0.5.0:*:*:*:*:*:*:*

04 Feb 2026, 21:15

Type Values Removed Values Added
New CVE
Information

Published : 2026-02-04 21:15

Updated : 2026-02-25 15:09

NVD link : CVE-2023-38010

Mitre link : CVE-2023-38010

CVE.ORG link : CVE-2023-38010

JSON object : View

Products Affected

ibm

  • cloud_pak_system
  • os_image_for_red_hat_linux_systems
CWE
CWE-209

Generation of Error Message Containing Sensitive Information