IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from International Business Machines (IBM). The product supports deploying, managing and moving application environments across hybrid clouds. An information disclosure vulnerability exists in IBM Cloud Pak System versions 2.3.1.1, 2.3.2.0, and 2.3.3.7, which can be exploited by an attacker to brute-force account credentials.