Vulnerability Database

290,301

Total vulnerabilities in the database

CVE-2023-38367

IBM Cloud Pak Foundational Services Identity Provider (idP) API (IBM Cloud Pak for Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2) allows CRUD Operations with an invalid token. This could allow an unauthenticated attacker to view, update, delete or create an IdP configuration. IBM X-Force ID: 261130.

  • Published: Feb 29, 2024
  • Updated: May 4, 2025
  • CVE: CVE-2023-38367
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 6.5
  • AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

No CWE or OWASP classifications available.

Software From Fixed in
ibm / cloud_pak_for_business_automation 21.0.1-interim_fix_007 21.0.1-interim_fix_007.x
ibm / cloud_pak_for_business_automation 21.0.1-interim_fix_004 21.0.1-interim_fix_004.x
ibm / cloud_pak_for_business_automation 21.0.1 21.0.1.x
ibm / cloud_pak_for_business_automation 21.0.1-interim_fix_002 21.0.1-interim_fix_002.x
ibm / cloud_pak_for_business_automation 21.0.1-interim_fix_003 21.0.1-interim_fix_003.x
ibm / cloud_pak_for_business_automation 21.0.1-interim_fix_006 21.0.1-interim_fix_006.x
ibm / cloud_pak_for_business_automation 21.0.1-interim_fix_001 21.0.1-interim_fix_001.x
ibm / cloud_pak_for_business_automation 21.0.1-interim_fix_005 21.0.1-interim_fix_005.x
ibm / cloud_pak_for_business_automation 21.0.2 21.0.2.x
ibm / cloud_pak_for_business_automation 21.0.2-interim_fix_001 21.0.2-interim_fix_001.x
ibm / cloud_pak_for_business_automation 21.0.2-interim_fix_002 21.0.2-interim_fix_002.x
ibm / cloud_pak_for_business_automation 21.0.2-interim_fix_003 21.0.2-interim_fix_003.x
ibm / cloud_pak_for_business_automation 21.0.2-interim_fix_004 21.0.2-interim_fix_004.x
ibm / cloud_pak_for_business_automation 21.0.2-interim_fix_005 21.0.2-interim_fix_005.x
ibm / cloud_pak_for_business_automation 21.0.2-interim_fix_006 21.0.2-interim_fix_006.x
ibm / cloud_pak_for_business_automation 21.0.2-interim_fix_007 21.0.2-interim_fix_007.x
ibm / cloud_pak_for_business_automation 21.0.2-interim_fix_008 21.0.2-interim_fix_008.x
ibm / cloud_pak_for_business_automation 21.0.2-interim_fix_009 21.0.2-interim_fix_009.x
ibm / cloud_pak_for_business_automation 21.0.3 21.0.3.x
ibm / cloud_pak_for_business_automation 21.0.3-interim_fix_001 21.0.3-interim_fix_001.x
ibm / cloud_pak_for_business_automation 21.0.3-interim_fix_002 21.0.3-interim_fix_002.x
ibm / cloud_pak_for_business_automation 21.0.3-interim_fix_003 21.0.3-interim_fix_003.x
ibm / cloud_pak_for_business_automation 21.0.3-interim_fix_004 21.0.3-interim_fix_004.x
ibm / cloud_pak_for_business_automation 21.0.3-interim_fix_005 21.0.3-interim_fix_005.x
ibm / cloud_pak_for_business_automation 21.0.3-interim_fix_006 21.0.3-interim_fix_006.x
ibm / cloud_pak_for_business_automation 21.0.3-interim_fix_007 21.0.3-interim_fix_007.x
ibm / cloud_pak_for_business_automation 21.0.3-interim_fix_008 21.0.3-interim_fix_008.x
ibm / cloud_pak_for_business_automation 21.0.3-interim_fix_009 21.0.3-interim_fix_009.x
ibm / cloud_pak_for_business_automation 21.0.3-interim_fix_010 21.0.3-interim_fix_010.x
ibm / cloud_pak_for_business_automation 21.0.3-interim_fix_011 21.0.3-interim_fix_011.x
ibm / cloud_pak_for_business_automation 18.0.0 18.0.0.x
ibm / cloud_pak_for_business_automation 18.0.2 18.0.2.x
ibm / cloud_pak_for_business_automation 20.0.1 20.0.1.x
ibm / cloud_pak_for_business_automation 20.0.3 20.0.3.x
ibm / cloud_pak_for_business_automation 19.0.1 19.0.1.x
ibm / cloud_pak_for_business_automation 19.0.3 19.0.3.x
ibm / cloud_pak_for_business_automation 21.0.2-interim_fix_0012 21.0.2-interim_fix_0012.x
ibm / cloud_pak_for_business_automation 21.0.2-interim_fix_010 21.0.2-interim_fix_010.x
ibm / cloud_pak_for_business_automation 21.0.2-interim_fix_011 21.0.2-interim_fix_011.x
ibm / cloud_pak_for_business_automation 21.0.2-interim_fix_012 21.0.2-interim_fix_012.x
ibm / cloud_pak_for_business_automation 22.0.2 22.0.2.x
ibm / cloud_pak_for_business_automation 22.0.2-interim_fix_001 22.0.2-interim_fix_001.x
ibm / cloud_pak_for_business_automation 22.0.1 22.0.1.x
ibm / cloud_pak_for_business_automation 22.0.1-interim_fix_001 22.0.1-interim_fix_001.x
ibm / cloud_pak_for_business_automation 22.0.1-interim_fix_002 22.0.1-interim_fix_002.x
ibm / cloud_pak_for_business_automation 22.0.1-interim_fix_003 22.0.1-interim_fix_003.x
ibm / cloud_pak_for_business_automation 18.0.1 18.0.1.x
ibm / cloud_pak_for_business_automation 22.0.1-interim_fix_004 22.0.1-interim_fix_004.x
ibm / cloud_pak_for_business_automation 22.0.1-interim_fix_005 22.0.1-interim_fix_005.x
ibm / cloud_pak_for_business_automation 20.0.2 20.0.2.x
ibm / cloud_pak_for_business_automation 19.0.2 19.0.2.x
ibm / cloud_pak_for_business_automation 22.0.1-interim_fix_006 22.0.1-interim_fix_006.x
ibm / cloud_pak_for_business_automation 21.0.3-interim_fix_012 21.0.3-interim_fix_012.x
ibm / cloud_pak_for_business_automation 21.0.3-interim_fix_013 21.0.3-interim_fix_013.x
ibm / cloud_pak_for_business_automation 21.0.3-interim_fix_014 21.0.3-interim_fix_014.x
ibm / cloud_pak_for_business_automation 21.0.3-interim_fix_015 21.0.3-interim_fix_015.x
ibm / cloud_pak_for_business_automation 21.0.3-interim_fix_016 21.0.3-interim_fix_016.x
ibm / cloud_pak_for_business_automation 21.0.3-interim_fix_017 21.0.3-interim_fix_017.x
ibm / cloud_pak_for_business_automation 21.0.3-interim_fix_018 21.0.3-interim_fix_018.x
ibm / cloud_pak_for_business_automation 21.0.3-interim_fix_019 21.0.3-interim_fix_019.x
ibm / cloud_pak_for_business_automation 22.0.2-interim_fix_002 22.0.2-interim_fix_002.x
ibm / cloud_pak_for_business_automation 22.0.2-interim_fix_003 22.0.2-interim_fix_003.x
ibm / cloud_pak_for_business_automation 22.0.2-interim_fix_004 22.0.2-interim_fix_004.x
ibm / cloud_pak_for_business_automation 22.0.2-interim_fix_005 22.0.2-interim_fix_005.x
ibm / cloud_pak_for_business_automation 22.0.2-interim_fix_006 22.0.2-interim_fix_006.x
ibm / cloud_pak_for_business_automation 21.0.3-interim_fix_020 21.0.3-interim_fix_020.x
ibm / cloud_pak_for_business_automation 21.0.3-interim_fix_021 21.0.3-interim_fix_021.x
ibm / cloud_pak_for_business_automation 21.0.3-interim_fix_022 21.0.3-interim_fix_022.x
ibm / cloud_pak_for_business_automation 23.0.1 23.0.1.x