{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2023-38010", "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "state": "PUBLISHED", "assignerShortName": "ibm", "dateReserved": "2023-07-11T17:33:11.276Z", "datePublished": "2026-02-04T20:24:56.127Z", "dateUpdated": "2026-02-04T20:49:00.786Z"}, "containers": {"cna": {"affected": [{"cpes": ["cpe:2.3:a:ibm:cloud_pak_system:2.3.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:cloud_pak_system:2.3.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:cloud_pak_system:2.3.4.1:ifix1:*:*:*:*:*:*", "cpe:2.3:a:ibm:cloud_pak_system:2.3.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:cloud_pak_system:2.3.6.0:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "product": "Cloud Pak System", "vendor": "IBM", "versions": [{"status": "affected", "version": "2.3.4.0", "versionType": "semver"}, {"status": "affected", "version": "2.3.4.1", "versionType": "semver"}, {"status": "affected", "version": "2.3.4.1 Interim Fix 001", "versionType": "semver"}, {"status": "affected", "version": "2.3.5.0"}, {"status": "affected", "version": "2.3.6.0"}]}, {"defaultStatus": "unaffected", "product": "OS Image for Red Hat Linux Systems", "vendor": "IBM", "versions": [{"status": "affected", "version": "4.0.4.0"}, {"status": "affected", "version": "4.0.5.0"}, {"status": "affected", "version": "4.0.6.0"}, {"status": "affected", "version": "4.0.7.0"}, {"status": "affected", "version": "5.0.0.0"}, {"status": "affected", "version": "5.0.1.0"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>IBM Cloud Pak System displays sensitive information in user messages that could aid in further attacks against the system.</p>"}], "value": "IBM Cloud Pak System displays sensitive information in user messages that could aid in further attacks against the system."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-209", "description": "CWE-209 Generation of Error Message Containing Sensitive Information", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm", "dateUpdated": "2026-02-04T20:46:18.289Z"}, "references": [{"tags": ["vendor-advisory", "patch"], "url": "https://www.ibm.com/support/pages/node/7254419"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<div><p><strong>IBM strongly recommends addressing the vulnerabilities now by <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/pages/node/7254396\">upgrading to version 2.3.6.1</a></strong><strong>. </strong></p><p>IBM Cloud Pak System provides OS image for Red Hat Enterprise Linux System 4.0.8.0 based on Red Hat Enterprise Linux 8.10 and OS image for Red Hat Enterprise Linux System 5.0.3 based on Red Hat Enterprise Linux 9.6. IBM Cloud Pak System provides IBM WebSphere Application Server Liberty V25.0.0.9; IBM Storage Scale is also upgraded to IBM Storage Scale V5.2.3.3.</p><p>For Power, contact IBM Support.</p><p>This Security bulletin applies to IBM Cloud Pak System, IBM Cloud Pak System Software, and IBM Cloud Pak System Software Suite.</p><p>Information on upgrading here <a target=\"_blank\" rel=\"nofollow\" href=\"http://www.ibm.com/support/docview.wss?uid=ibm10887959\">http://www.ibm.com/support/docview.wss?uid=ibm10887959</a></p></div><p>For unsupported versions the recommendation is to upgrade to a supported version of the product.</p><br>"}], "value": "IBM strongly recommends addressing the vulnerabilities now by http://www.ibm.com/support/docview.wss?uid=ibm10887959 \n\n\n\nFor unsupported versions the recommendation is to upgrade to a supported version of the product."}], "source": {"discovery": "UNKNOWN"}, "title": "Multiple Vulnerabilities in IBM Cloud Pak System", "x_generator": {"engine": "ibm-cvegen"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-04T20:48:48.904709Z", "id": "CVE-2023-38010", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-04T20:49:00.786Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2023-38010", "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "state": "PUBLISHED", "assignerShortName": "ibm", "dateReserved": "2023-07-11T17:33:11.276Z", "datePublished": "2026-02-04T20:24:56.127Z", "dateUpdated": "2026-02-04T20:49:00.786Z"}, "containers": {"cna": {"affected": [{"cpes": ["cpe:2.3:a:ibm:cloud_pak_system:2.3.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:cloud_pak_system:2.3.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:cloud_pak_system:2.3.4.1:ifix1:*:*:*:*:*:*", "cpe:2.3:a:ibm:cloud_pak_system:2.3.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:cloud_pak_system:2.3.6.0:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "product": "Cloud Pak System", "vendor": "IBM", "versions": [{"status": "affected", "version": "2.3.4.0", "versionType": "semver"}, {"status": "affected", "version": "2.3.4.1", "versionType": "semver"}, {"status": "affected", "version": "2.3.4.1 Interim Fix 001", "versionType": "semver"}, {"status": "affected", "version": "2.3.5.0"}, {"status": "affected", "version": "2.3.6.0"}]}, {"defaultStatus": "unaffected", "product": "OS Image for Red Hat Linux Systems", "vendor": "IBM", "versions": [{"status": "affected", "version": "4.0.4.0"}, {"status": "affected", "version": "4.0.5.0"}, {"status": "affected", "version": "4.0.6.0"}, {"status": "affected", "version": "4.0.7.0"}, {"status": "affected", "version": "5.0.0.0"}, {"status": "affected", "version": "5.0.1.0"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>IBM Cloud Pak System displays sensitive information in user messages that could aid in further attacks against the system.</p>"}], "value": "IBM Cloud Pak System displays sensitive information in user messages that could aid in further attacks against the system."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-209", "description": "CWE-209 Generation of Error Message Containing Sensitive Information", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm", "dateUpdated": "2026-02-04T20:46:18.289Z"}, "references": [{"tags": ["vendor-advisory", "patch"], "url": "https://www.ibm.com/support/pages/node/7254419"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<div><p><strong>IBM strongly recommends addressing the vulnerabilities now by <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/support/pages/node/7254396\">upgrading to version 2.3.6.1</a></strong><strong>. </strong></p><p>IBM Cloud Pak System provides OS image for Red Hat Enterprise Linux System 4.0.8.0 based on Red Hat Enterprise Linux 8.10 and OS image for Red Hat Enterprise Linux System 5.0.3 based on Red Hat Enterprise Linux 9.6. IBM Cloud Pak System provides IBM WebSphere Application Server Liberty V25.0.0.9; IBM Storage Scale is also upgraded to IBM Storage Scale V5.2.3.3.</p><p>For Power, contact IBM Support.</p><p>This Security bulletin applies to IBM Cloud Pak System, IBM Cloud Pak System Software, and IBM Cloud Pak System Software Suite.</p><p>Information on upgrading here <a target=\"_blank\" rel=\"nofollow\" href=\"http://www.ibm.com/support/docview.wss?uid=ibm10887959\">http://www.ibm.com/support/docview.wss?uid=ibm10887959</a></p></div><p>For unsupported versions the recommendation is to upgrade to a supported version of the product.</p><br>"}], "value": "IBM strongly recommends addressing the vulnerabilities now by http://www.ibm.com/support/docview.wss?uid=ibm10887959 \n\n\n\nFor unsupported versions the recommendation is to upgrade to a supported version of the product."}], "source": {"discovery": "UNKNOWN"}, "title": "Multiple Vulnerabilities in IBM Cloud Pak System", "x_generator": {"engine": "ibm-cvegen"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-38010", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-04T20:48:48.904709Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-04T20:47:25.255Z"}}]}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "IBM Cloud Pak System displays sensitive information in user messages that could aid in further attacks against the system."}], "id": "CVE-2023-38010", "lastModified": "2026-02-04T21:15:55.890", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "psirt@us.ibm.com", "type": "Primary"}]}, "published": "2026-02-04T21:15:55.890", "references": [{"source": "psirt@us.ibm.com", "url": "https://www.ibm.com/support/pages/node/7254419"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-209"}], "source": "psirt@us.ibm.com", "type": "Primary"}]}

{}

{}