Skip to main content

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

CVE-2023-38017 | Mondoo Vulnerability Intelligence

Vulnerability IntelligenceCVE-2023-38017

CVE-2023-38017

MEDIUM5.3

Multiple Vulnerabilities in IBM Cloud Pak System

Published Feb 4, 2026

Modified 3 weeks ago

Details

IBM Cloud Pak System is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

References

https://www.cve.org/CVERecord?id=CVE-2023-38017

https://www.ibm.com/support/pages/node/7254419

CVSS Analysis

CVSS v3.1

5.3

Exploitability

Attack Vector

NetworkAV:N

Attack Complexity

LowAC:L

Privileges Required

NonePR:N

User Interaction

NoneUI:N

Scope

Scope

UnchangedS:U

Impact

Confidentiality

LowC:L

Integrity

NoneI:N

Availability

NoneA:N

5.3/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Weakness Type (CWE)

Information Disclosure

Error Message Info Leak

Ecosystems

Timeline

PublishedFeb 4, 2026

ModifiedFeb 5, 2026