CVE-2023-33842: IBM SPSS Modeler information disclosure

6.2 CVSS

Description

IBM SPSS Modeler on Windows 17.0, 18.0, 18.2.2, 18.3, 18.4, and 18.5 requires the end user to have access to the server SSL key which could allow a local user to decrypt and obtain sensitive information. IBM X-Force ID: 256117.

Classification

CVE ID: CVE-2023-33842

CVSS Base Severity: MEDIUM

CVSS Base Score: 6.2

Affected Products

Vendor: IBM

Product: SPSS Modeler

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 5.06% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://https://www.ibm.com/support/pages/node/7004299
https://exchange.xforce.ibmcloud.com/vulnerabilities/256117

Timeline

2024-12-05 00:31:58 UTC
CVE

IBM SPSS Modeler information disclosure