Unrated severityNVD Advisory· Published Apr 27, 2023· Updated Jan 30, 2025

IBM Watson Machine Learning on Cloud Pak for Data server-side request forgery

CVE-2023-30444

Description

IBM Watson Machine Learning on Cloud Pak for Data 4.0 and 4.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 253350.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

IBM/Watson Machine Learning on Cloud Pak for Datallm-create2 versions
4.0, 4.5+ 1 more
- (no CPE)range: 4.0, 4.5
- (no CPE)range: 4.0, 4.5

Patches

Vulnerability mechanics

No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References

www.ibm.com/support/pages/node/6985859mitrevendor-advisoryvdb-entry

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000