CVE-2023-38005

MEDIUM

IBM Cloud Pak System 2.3.3.6-2.3.5.0 - Privilege Escalation

Title source: llm

Description

IBM Cloud Pak System 2.3.3.6, 2.3.3.7, 2.3.4.0, 2.3.4.1, and 2.3.5.0 could allow an authenticated user to perform unauthorized tasks due to improper access controls.

References (1)

[Various Sources] https://www.ibm.com/support/pages/node/7259955

Scores

CVSS v3 4.3

EPSS 0.0003

EPSS Percentile 7.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Classification

CWE

CWE-284

Status published

Affected Products (5)

ibm/cloud_pak_system

Timeline

Published Feb 17, 2026

Tracked Since Feb 18, 2026