4 matches found
CVE-2019-4131
IBM Application Performance Management (IBM Monitoring 8.1.4) is affected by CVE-2019-4131, where a remote attacker could induce the Cloud APM server to perform server-side DNS lookups for arbitrary domain names. Affected products/versions: IBM Cloud Application Performance Management, Base Priva...
CVE-2020-4726
CVE-2020-4726 affects the IBM Cloud APM/IBM Application Performance Monitoring UI up to version 8.1.4. The description states that the UI allows web pages to be stored locally and read by another user on the same system, indicating a local access issue that could expose stored pages. The connecte...
CVE-2020-4725
CVE-2020-4725 affects IBM Cloud APM (IBM Monitoring) 8.1.4. An authenticated user can modify HTML content via a specially crafted HTTP request to the APM UI, potentially misleading another user. Root cause: UI content modification without proper access segregation. Impact is limited to HTML conte...
CVE-2020-4719
The CVE-2020-4719 vulnerability affects IBM Cloud APM 8.1.4 servers, where the APM server will issue a DNS request to resolve any hostname specified in the Cloud Event Management Webhook URL configuration. This could allow an authenticated user with admin authorization to create DNS query strings...