CVE-2023-38367 Information

Description

IBM Cloud Pak Foundational Services Identity Provider (idP) API (IBM Cloud Pak for Automation 18.0.0 18.0.1 18.0.2 19.0.1 19.0.2 19.0.3 20.0.1 20.0.2 20.0.3 21.0.1 21.0.2 21.0.3 22.0.1 and 22.0.2) allows CRUD Operations with an invalid token. This could allow an unauthenticated attacker to view update delete or create an IdP configuration. IBM X-Force ID: 261130.

Reference

https://www.ibm.com/support/pages/node/7015271 https://exchange.xforce.ibmcloud.com/vulnerabilities/261130