This is not the latest report. Click
here to view the latest report.
CVSS v3.1 Statistics for IBM Corporation as of 07/29/2023
0
320
40
272
Reference
0-69.9%
|
Contributor |
85.0
Contributor
70-94.9%
Provider
95-100%
CVE | CNA Value | Alignment | NIST Value | Reason |
---|---|---|---|---|
CVE-2021-38933 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) High | ≠ | Attack Complexity (AC) Low | No Race Condition, implementation specific secrets required or MiTM identified for NVD analyst | |
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) None | Availability (A) None | |||
CVE-2021-39014 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | ≠ | User Interaction (UI) Required | Internet browsing, Link clicking and/or file interaction identified | |
Scope (S) Changed | Scope (S) Changed | |||
Confidentiality (C) Low | Confidentiality (C) Low | |||
Integrity (I) Low | Integrity (I) Low | |||
Availability (A) None | Availability (A) None | |||
CVE-2022-43908 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) None | Confidentiality (C) None | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) Low | ≠ | Availability (A) High | No limiting factors for availability listed | |
CVE-2022-43910 (7 of 8) | Attack Vector (AV) Local | Attack Vector (AV) Local | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) None | ≠ | Privileges Required (PR) Low | Local attacker typically implies some privilege level needed | |
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) High | Availability (A) High | |||
CVE-2023-23487 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) None | Confidentiality (C) None | |||
Integrity (I) Low | Integrity (I) Low | |||
Availability (A) None | Availability (A) None | |||
CVE-2023-25929 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) Required | User Interaction (UI) Required | |||
Scope (S) Unchanged | ≠ | Scope (S) Changed | Security boundary cross identified | |
Confidentiality (C) Low | Confidentiality (C) Low | |||
Integrity (I) Low | Integrity (I) Low | |||
Availability (A) None | Availability (A) None | |||
CVE-2023-26023 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | ≠ | Privileges Required (PR) None | No privileges needed by attacker identified by NVD analyst | |
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) None | Availability (A) None | |||
CVE-2023-26026 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) Low | ≠ | Confidentiality (C) High | No limiting factors for confidentiality listed | |
Integrity (I) None | Integrity (I) None | |||
Availability (A) None | Availability (A) None | |||
CVE-2023-27540 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) High | ≠ | Attack Complexity (AC) Low | No Race Condition, implementation specific secrets required or MiTM identified for NVD analyst | |
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) None | Confidentiality (C) None | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) High | Availability (A) High | |||
CVE-2023-27558 (7 of 8) | Attack Vector (AV) Local | Attack Vector (AV) Local | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) None | ≠ | Privileges Required (PR) Low | Local attacker typically implies some privilege level needed | |
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) High | Availability (A) High | |||
CVE-2023-27866 (4 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | ≠ | Privileges Required (PR) None | No privileges needed by attacker identified by NVD analyst | |
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) Low | ≠ | Confidentiality (C) High | No limiting factors for confidentiality listed | |
Integrity (I) Low | ≠ | Integrity (I) High | No limiting factors for integrity listed | |
Availability (A) Low | ≠ | Availability (A) High | No limiting factors for availability listed | |
CVE-2023-27867 (5 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) Low | ≠ | Confidentiality (C) High | No limiting factors for confidentiality listed | |
Integrity (I) Low | ≠ | Integrity (I) High | No limiting factors for integrity listed | |
Availability (A) Low | ≠ | Availability (A) High | No limiting factors for availability listed | |
CVE-2023-27868 (5 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) Low | ≠ | Confidentiality (C) High | No limiting factors for confidentiality listed | |
Integrity (I) Low | ≠ | Integrity (I) High | No limiting factors for integrity listed | |
Availability (A) Low | ≠ | Availability (A) High | No limiting factors for availability listed | |
CVE-2023-27869 (5 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) Low | ≠ | Confidentiality (C) High | No limiting factors for confidentiality listed | |
Integrity (I) Low | ≠ | Integrity (I) High | No limiting factors for integrity listed | |
Availability (A) Low | ≠ | Availability (A) High | No limiting factors for availability listed | |
CVE-2023-27877 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) Low | ≠ | Confidentiality (C) High | No limiting factors for confidentiality listed | |
Integrity (I) None | Integrity (I) None | |||
Availability (A) None | Availability (A) None | |||
CVE-2023-28530 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) Required | User Interaction (UI) Required | |||
Scope (S) Changed | Scope (S) Changed | |||
Confidentiality (C) Low | Confidentiality (C) Low | |||
Integrity (I) Low | Integrity (I) Low | |||
Availability (A) None | Availability (A) None | |||
CVE-2023-28953 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) High | ≠ | Attack Complexity (AC) Low | No Race Condition, implementation specific secrets required or MiTM identified for NVD analyst | |
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) None | Confidentiality (C) None | |||
Integrity (I) Low | Integrity (I) Low | |||
Availability (A) None | Availability (A) None | |||
CVE-2023-28955 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) None | Confidentiality (C) None | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) High | Availability (A) High | |||
CVE-2023-28958 (5 of 8) | Attack Vector (AV) Local | Attack Vector (AV) Local | ||
Attack Complexity (AC) High | ≠ | Attack Complexity (AC) Low | No Race Condition, implementation specific secrets required or MiTM identified for NVD analyst | |
Privileges Required (PR) None | ≠ | Privileges Required (PR) Low | Local attacker typically implies some privilege level needed | |
User Interaction (UI) Required | ≠ | User Interaction (UI) None | User Interaction not identified | |
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) High | Availability (A) High | |||
CVE-2023-29256 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) High | ≠ | Attack Complexity (AC) Low | No Race Condition, implementation specific secrets required or MiTM identified for NVD analyst | |
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) None | Availability (A) None | |||
CVE-2023-29259 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) High | ≠ | Attack Complexity (AC) Low | No Race Condition, implementation specific secrets required or MiTM identified for NVD analyst | |
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) Low | Confidentiality (C) Low | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) None | Availability (A) None | |||
CVE-2023-29260 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) None | ≠ | Privileges Required (PR) Low | Privilege level not clearly identified to qualify as HIGH (typically "root" or "administrator") | |
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) Low | Confidentiality (C) Low | |||
Integrity (I) Low | Integrity (I) Low | |||
Availability (A) None | Availability (A) None | |||
CVE-2023-30431 (7 of 8) | Attack Vector (AV) Local | Attack Vector (AV) Local | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) None | ≠ | Privileges Required (PR) Low | Local attacker typically implies some privilege level needed | |
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) High | Availability (A) High | |||
CVE-2023-30433 (6 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) Required | User Interaction (UI) Required | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) None | ≠ | Confidentiality (C) Low | Information leaked appears non-critical/sensitive | |
Integrity (I) High | ≠ | Integrity (I) Low | Integrity impact appears non-critical | |
Availability (A) None | Availability (A) None | |||
CVE-2023-30442 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) High | ≠ | Attack Complexity (AC) Low | No Race Condition, implementation specific secrets required or MiTM identified for NVD analyst | |
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) None | Confidentiality (C) None | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) High | Availability (A) High | |||
CVE-2023-30445 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) None | Confidentiality (C) None | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) High | Availability (A) High | |||
CVE-2023-30446 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) High | ≠ | Attack Complexity (AC) Low | No Race Condition, implementation specific secrets required or MiTM identified for NVD analyst | |
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) None | Confidentiality (C) None | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) High | Availability (A) High | |||
CVE-2023-30447 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) High | ≠ | Attack Complexity (AC) Low | No Race Condition, implementation specific secrets required or MiTM identified for NVD analyst | |
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) None | Confidentiality (C) None | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) High | Availability (A) High | |||
CVE-2023-30448 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) High | ≠ | Attack Complexity (AC) Low | No Race Condition, implementation specific secrets required or MiTM identified for NVD analyst | |
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) None | Confidentiality (C) None | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) High | Availability (A) High | |||
CVE-2023-30449 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) None | Confidentiality (C) None | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) High | Availability (A) High | |||
CVE-2023-30988 (7 of 8) | Attack Vector (AV) Local | Attack Vector (AV) Local | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) None | ≠ | Privileges Required (PR) Low | Local attacker typically implies some privilege level needed | |
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) High | Availability (A) High | |||
CVE-2023-30989 (7 of 8) | Attack Vector (AV) Local | Attack Vector (AV) Local | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) None | ≠ | Privileges Required (PR) Low | Local attacker typically implies some privilege level needed | |
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) High | Availability (A) High | |||
CVE-2023-30990 (6 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) Low | ≠ | Confidentiality (C) High | No limiting factors for confidentiality listed | |
Integrity (I) Low | ≠ | Integrity (I) High | No limiting factors for integrity listed | |
Availability (A) High | Availability (A) High | |||
CVE-2023-33832 (6 of 8) | Attack Vector (AV) Local | Attack Vector (AV) Local | ||
Attack Complexity (AC) Low | ≠ | Attack Complexity (AC) High | Race Condition identified | |
Privileges Required (PR) None | ≠ | Privileges Required (PR) Low | Local attacker typically implies some privilege level needed | |
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) None | Confidentiality (C) None | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) High | Availability (A) High | |||
CVE-2023-33857 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) Low | Confidentiality (C) Low | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) None | Availability (A) None | |||
CVE-2023-35012 (8 of 8) | Attack Vector (AV) Local | Attack Vector (AV) Local | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) High | Privileges Required (PR) High | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) High | Availability (A) High | |||
CVE-2023-35890 (6 of 8) | Attack Vector (AV) Local | Attack Vector (AV) Local | ||
Attack Complexity (AC) High | ≠ | Attack Complexity (AC) Low | No Race Condition, implementation specific secrets required or MiTM identified for NVD analyst | |
Privileges Required (PR) None | ≠ | Privileges Required (PR) Low | Local attacker typically implies some privilege level needed | |
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) None | Availability (A) None | |||
CVE-2023-35898 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) Low | ≠ | Confidentiality (C) High | No limiting factors for confidentiality listed | |
Integrity (I) None | Integrity (I) None | |||
Availability (A) None | Availability (A) None | |||
CVE-2023-35900 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | ≠ | Privileges Required (PR) None | No privileges needed by attacker identified by NVD analyst | |
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) Low | Confidentiality (C) Low | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) None | Availability (A) None | |||
CVE-2023-35901 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) High | ≠ | Privileges Required (PR) None | No privileges needed by attacker identified by NVD analyst | |
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) None | Confidentiality (C) None | |||
Integrity (I) Low | Integrity (I) Low | |||
Availability (A) None | Availability (A) None |