IBM Cloud Pak System Access Control Error Vulnerability

IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from International Business Machines IBM. The product supports deploying, managing and moving application environments across hybrid clouds. An access control error vulnerability exists in IB...

Security Bulletin: Multiple Vulnerabilities in Lenovo XCC affect IBM Cloud Pak System

Summary Multiple Vulnerabilities in Lenovo XCC affect IBM Cloud Pak System. Vulnerabilities were addressed in IBM Cloud Pak System v2.3.6.1. Vulnerability Details CVEID:CVE-2023-20599 DESCRIPTION: Improper register access control in ASP may allow a privileged attacker to perform unauthorized acce...

CVE-2023-38005

IBM Cloud Pak System 2.3.3.6, 2.3.3.7, 2.3.4.0, 2.3.4.1, and 2.3.5.0 could allow an authenticated user to perform unauthorized tasks due to improper access controls...

CVE-2023-38265

CVE-2023-38265 is described in IBM’s Security Bulletin for IBM Cloud Pak System, noting that the product could disclose folder location information to an unauthenticated attacker via directory listing. Affected versions include Cloud Pak System 2.3.3.6, 2.3.3.7, 2.3.4.0, 2.3.4.1, and 2.3.5.0. The...

CVE-2023-38265

IBM Cloud Pak System 2.3.3.6, 2.3.3.7, 2.3.4.0, 2.3.4.1, and 2.3.5.0 could disclose folder location information to an unauthenticated attacker that could aid in further attacks against the system...

PT-2026-20210

Name of the Vulnerable Software and Affected Versions IBM Cloud Pak System versions 2.3.3.6 through 2.3.5.0 Description The software may reveal folder location details to attackers without requiring authentication, potentially assisting in subsequent attacks. Recommendations Update to a version...

IBM Cloud Pak System 安全漏洞

IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from International Business Machines IBM. The product supports deploying, managing and moving application environments across hybrid clouds. An information disclosure vulnerability exists in...

IBM Cloud Pak System 访问控制错误漏洞

IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from International Business Machines IBM. The product supports deploying, managing and moving application environments across hybrid clouds. An access control error vulnerability exists in IB...

CVE-2023-38017

IBM Cloud Pak System is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

IBM Cloud Pak System 安全漏洞

IBM Cloud Pak System is a fully configurable and pre-integrated software-based, full-stack, integrated infrastructure provided by IBM. This product supports deployment across hybrid cloud environments, as well as management and mobile application scenarios. There is a security vulnerability in IB...

Security Bulletin: Multiple Vulnerabilities in WebSphere Application Server Liberty affect IBM Cloud Pak System [CVE-2024-56339. CVE-2023-50314]

Summary Vulnerabilities in IBM WebSphere Application Server Liberty affect IBM Cloud Pak System. Vulnerability Details CVEID:CVE-2024-56339 DESCRIPTION: IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 could allow a remote attacker to bypass...

Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affects WebSphere Application Server Pattern shipped with IBM Cloud Pak System

Summary IBM Cloud Pak System WebSphere Application Server Pattern WAS pType is vulnerable to multiple vulnerabilities in IBM SDK. Vulnerability Details CVEID:CVE-2024-21235 DESCRIPTION: Vulnerability in Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker...

The vulnerability of the software for deploying and managing cloud-based corporate systems based on IBM Cloud Pak System allows a hacker to expose protected information.

The vulnerability related to deploying and managing the IBM Cloud Pak System-based cloud enterprise system involves shortcomings in the error reporting mechanism. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

The vulnerability of the software for deploying and managing cloud-based enterprise systems based on IBM Cloud Pak System allows a hacker to disclose protected information.

The vulnerability related to deploying and managing the IBM Cloud Pak System-based cloud enterprise system involves shortcomings in the error reporting mechanism. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

The vulnerability of the software for deploying and managing cloud-based corporate systems based on IBM Cloud Pak System allows a hacker to expose protected information.

The vulnerability related to deploying and managing the IBM Cloud Pak System based on containers involves the disclosure of information during data transmission. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information...

IBM Cloud Pak System 安全漏洞

IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from International Business Machines IBM. The product supports deploying, managing, and moving application environments across hybrid clouds. A security vulnerability exists in IBM Cloud Pak...

IBM Cloud Pak System 安全漏洞

IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from International Business Machines IBM. The product supports deploying, managing and moving application environments across hybrid clouds. An information disclosure vulnerability exists in...

PT-2025-1440 · Ibm · Ibm Cloud Pak System

Name of the Vulnerable Software and Affected Versions: IBM Cloud Pak System versions 2.3.3.0 through 2.3.3.7 iFix1 Description: The issue is related to the disclosure of sensitive information in HTTP responses, which could aid in further attacks against the system. This could allow a remote...

PT-2025-1442 · Ibm · Ibm Cloud Pak System

Name of the Vulnerable Software and Affected Versions: IBM Cloud Pak System versions 2.3.3.0 through 2.3.3.7 iFix1 Description: The issue is related to deficiencies in the error reporting mechanism of IBM Cloud Pak System, which could allow a remote attacker to gain unauthorized access to protect...

IBM Cloud Pak System Security Vulnerability

IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from International Business Machines IBM. The product supports deploying, managing and moving application environments across hybrid clouds. IBM Cloud Pak has a security vulnerability that...