2 matches found
CVE-2020-4815
CVE-2020-4815 affects IBM Cloud Pak for Security (CP4S) 1.4.0.0 and allows a remote attacker to obtain sensitive information from HTTP response headers, enabling potential follow-on attacks. The IBM security bulletin notes the vulnerability as an information disclosure issue with a CVSS v3 base s...
Security Bulletin: IBM Cloud Pak for Security could allow a remote user to obtain sensitive information from HTTP response headers (CVE-2020-4815)
Summary In Cloud Pak for Security 1.4.0.0, a remote user may be able to obtain sensitive information from HTTP response that could be utilised by an attacker. This has been addressed in an update. Vulnerability Details CVEID: CVE-2020-4815 DESCRIPTION: IBM Cloud Pak for Security CP4S could allow ...