Summary Multiple vulnerabilities affecting IBM Fusion HCI and IBM Fusion HCI for watsonx could have resulted in reduced security. These issues have since been resolved. CVE-2023-5115, CVE-2023-5764, CVE-2024-9902, CVE-2024-8775, CVE-2024-11079, CVE-2024-9506, CVE-2024-43799, CVE-2024-6119, CVE-2024-9880, CVE-2024-21536, CVE-2024-47535, CVE-2025-27152, CVE-2025-22868, CVE-2025-27516, CVE-2025-30204, CVE-2024-11831, CVE-2024-55885, CVE-2024-56326, CVE-2024-56201, CVE-2024-57965, CVE-2024-43800, CVE-2024-52798, CVE-2024-12797, CVE-2024-6783, CVE-2024-4067, CVE-2025-24970, CVE-2024-29041, CVE-2024-43796, CVE-2024-51744, CVE-2024-45590, CVE-2024-6827, CVE-2024-47764, CVE-2024-55565, CVE-2024-21538, CVE-2024-45338, CVE-2024-45296, CVE-2025-25193, CVE-2024-45339. Vulnerability Details CVEID:CVE-2023-5115 DESCRIPTION: An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path. CWE:CWE-36: Absolute Path Traversal CVSS Source: IBM X-Force CVSS Base score: 6.3 CVSS Vector:(CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N) CVEID:CVE-2023-5764 DESCRIPTION: A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data. This issue could allow an attacker to use a specially crafted file to introduce templating…Read More