CVE-2023-38005

4.3 MEDIUM

📋 TL;DR

This vulnerability in IBM Cloud Pak System could allow an authenticated user to perform actions they are not authorized for, because of improper access controls (missing or incomplete authorization checks). It affects IBM Cloud Pak System versions 2.3.3.6 through 2.3.5.0 (full list below). The flaw is an authorization failure, not an authentication bypass: the attacker already holds valid credentials, and the potential outcomes are privilege escalation or access to data beyond the user's intended scope.

💻 Affected Systems

Products:
  • IBM Cloud Pak System
Versions: 2.3.3.6, 2.3.3.7, 2.3.4.0, 2.3.4.1, 2.3.5.0
Default Config Vulnerable: ⚠️ Yes
Notes: Requires authenticated user access; all deployments of affected versions are vulnerable.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

An authenticated attacker could escalate privileges to administrative level, access sensitive data, or modify system configurations.

🟠

Likely Case

Authenticated users could access resources or perform actions beyond their intended permissions, potentially leading to data exposure or configuration changes.

🟢

If Mitigated

With proper access controls and monitoring, impact would be limited to minor unauthorized actions within authenticated user scope.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires valid credentials for the system; no public proof of concept is known. Missing authorization checks are, however, typically straightforward to exploit once the affected function is identified (often no more than replaying a request a higher-privileged role is allowed to make), which is why complexity is rated LOW despite the authentication requirement.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: not stated on this page; see the IBM advisory below for the fix level that applies to each affected version

Vendor Advisory: https://www.ibm.com/support/pages/node/7259955

Restart Required: Yes

Instructions:

1. Review IBM advisory at provided URL
2. Apply recommended fix or upgrade to patched version
3. Restart affected services
4. Verify fix implementation

🔧 Temporary Workarounds

Restrict User Access

Applies to: all

Limit authenticated user permissions to the minimum required for their role

Enhanced Monitoring

Applies to: all

Implement strict monitoring of user activities and access patterns

🧯 If You Can't Patch

  • Implement strict principle of least privilege for all authenticated users
  • Enable detailed audit logging and monitor for unusual access patterns

🔍 How to Verify

Check if Vulnerable:

Check IBM Cloud Pak System version against affected versions list

Check Version:

Check system documentation or admin interface for version information

Verify Fix Applied:

Verify the installed version is outside the affected range (or carries the fix level named in the IBM advisory), then re-test the access controls with a low-privilege account: actions reserved for other roles should be denied, not merely absent from the UI

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized access attempts
  • User performing actions beyond their role
  • Access control violation logs

Network Indicators:

  • Unusual authenticated user activity patterns

SIEM Query:

search user=* action=* where action not in allowed_actions_for_user

(Pseudo-query: substitute your SIEM's syntax and a per-role allow-list of actions. The finding that matters for this CVE is an out-of-role action that succeeded; repeated denials for the same user indicate probing and are worth a lower-severity alert.)
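The pseudo-query above, and the least-privilege and audit-logging advice under "If You Can't Patch", both reduce to the same check: compare each audited action against what the user's role is allowed to do. The following is an added example of that detection logic, not code from this page or from IBM. It runs over constructed JSON-lines audit events; the event fields (`ts`, `user`, `role`, `action`, `resource`, `result`), the action names and the `ALLOWED_ACTIONS` role model are all assumptions for illustration and are not IBM Cloud Pak System's real schema. It separates out-of-role actions that succeeded (the behaviour this CVE describes) from out-of-role actions that were denied (a user probing for missing checks).

```python
"""Detect users performing actions outside their role, over audit-log lines.

Added example for this advisory page. The log format, action names and
role model below are assumptions for illustration, not IBM Cloud Pak
System's actual audit schema.
"""
import json
from collections import Counter, defaultdict

# Hypothetical role model: the actions each role is expected to perform.
ALLOWED_ACTIONS = {
    "viewer": {"pattern.view", "instance.view"},
    "deployer": {"pattern.view", "instance.view", "instance.deploy", "instance.stop"},
    "admin": {"pattern.view", "instance.view", "instance.deploy", "instance.stop",
              "user.create", "user.role.update", "system.config.update"},
}

# Constructed sample events (JSON lines); not captured from a real system.
SAMPLE_LOG = """\
{"ts":"2024-03-01T10:00:01Z","user":"alice","role":"viewer","action":"pattern.view","resource":"pattern/42","result":"success"}
{"ts":"2024-03-01T10:00:05Z","user":"alice","role":"viewer","action":"instance.deploy","resource":"instance/7","result":"success"}
{"ts":"2024-03-01T10:00:09Z","user":"bob","role":"deployer","action":"instance.deploy","resource":"instance/8","result":"success"}
{"ts":"2024-03-01T10:01:12Z","user":"alice","role":"viewer","action":"user.role.update","resource":"user/alice","result":"success"}
{"ts":"2024-03-01T10:01:15Z","user":"carol","role":"admin","action":"system.config.update","resource":"system/ldap","result":"success"}
{"ts":"2024-03-01T10:02:00Z","user":"bob","role":"deployer","action":"user.create","resource":"user/eve","result":"denied"}
{"ts":"2024-03-01T10:02:03Z","user":"bob","role":"deployer","action":"system.config.update","resource":"system/ldap","result":"denied"}
"""


def parse_events(text):
    """Parse JSON-lines audit text; malformed lines are skipped, not fatal."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            events.append(json.loads(line))
        except json.JSONDecodeError:
            continue
    return events


def find_violations(events):
    """Return events whose action is outside the user's role allow-list.

    A role missing from ALLOWED_ACTIONS is treated as allowing nothing, so
    an unexpected or blank role fails closed and is surfaced for review.
    """
    out = []
    for ev in events:
        allowed = ALLOWED_ACTIONS.get(ev.get("role"), set())
        if ev.get("action") not in allowed:
            out.append(ev)
    return out


def summarize(events):
    """Split violations by outcome.

    succeeded_out_of_role: user -> actions that should have been refused but
    returned success (an authorization check that did not fire).
    denied_out_of_role: user -> count of refused out-of-role attempts
    (probing; lower severity, but repeated denials are worth an alert).
    """
    succeeded = defaultdict(list)
    denied = Counter()
    for ev in find_violations(events):
        if ev.get("result") == "success":
            succeeded[ev["user"]].append(ev["action"])
        else:
            denied[ev["user"]] += 1
    return {
        "succeeded_out_of_role": dict(succeeded),
        "denied_out_of_role": dict(denied),
    }


if __name__ == "__main__":
    report = summarize(parse_events(SAMPLE_LOG))
    for user, actions in report["succeeded_out_of_role"].items():
        print(f"ALERT  {user}: out-of-role actions succeeded: {actions}")
    for user, n in report["denied_out_of_role"].items():
        print(f"NOTICE {user}: {n} out-of-role attempts denied")
```

On the constructed sample this flags `alice` (a viewer whose `instance.deploy` and `user.role.update` calls returned success) at alert level and `bob` (two denied admin-only attempts) at notice level. The allow-list is the part to adapt: it should be derived from the roles actually assigned in your deployment, and any action or role not in it should fail closed as the code does, so that gaps in the model show up as findings rather than silence.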

🔗 References
