Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-37405

IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.36 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1, 2.3.4.0, and 2.3.4.1 stores sensitive data in memory, that could be obtained by an unauthorized user.

Published

2025-03-27T18:17:28.463

Last Modified

2025-08-18T18:46:32.490

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

Weaknesses

Type: Secondary
CWE-311

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ibm	cloud_pak_system	2.3.1.1	Yes
Application	ibm	cloud_pak_system	2.3.3.0	Yes
Application	ibm	cloud_pak_system	2.3.3.3	Yes
Application	ibm	cloud_pak_system	2.3.3.3	Yes
Application	ibm	cloud_pak_system	2.3.3.4	Yes
Application	ibm	cloud_pak_system	2.3.3.5	Yes
Application	ibm	cloud_pak_system	2.3.3.6	Yes
Application	ibm	cloud_pak_system	2.3.3.6	Yes
Application	ibm	cloud_pak_system	2.3.3.6	Yes
Application	ibm	cloud_pak_system	2.3.3.7	Yes
Application	ibm	cloud_pak_system	2.3.3.7	Yes
Application	ibm	cloud_pak_system	2.3.4.0	Yes
Application	ibm	cloud_pak_system	2.3.4.1	Yes
Application	ibm	cloud_pak_system_software_suite	2.3.2.0	Yes

References

https://www.ibm.com/support/pages/node/7229212 Vendor Advisory ([email protected])