Cloud Pak For Security Security Vulnerabilities and Issues — Page 2 of Cloud Pak For Security CVE List

Lucene search

IbmCloud Pak For Security

55 matches found

CVE•added 2021/01/27 1:15 p.m.•32 views

CVE-2020-4820

IBM Cloud Pak for Security (CP4S) 1.4.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

6.1CVSS5.9AI score0.00188EPSS

CVE•added 2021/05/10 5:15 p.m.•32 views

CVE-2021-20577

IBM Cloud Pak for Security (CP4S) 1.5.0.0 and 1.5.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ...

6.1CVSS6.1AI score0.00172EPSS

CVE•added 2021/01/27 1:15 p.m.•30 views

CVE-2020-4967

IBM Cloud Pak for Security (CP4S) 1.3.0.1 could disclose sensitive information through HTTP headers which could be used in further attacks against the system. IBM X-Force ID: 192425.

4.3CVSS4.2AI score0.00156EPSS

CVE•added 2021/05/10 5:15 p.m.•30 views

CVE-2021-20538

IBM Cloud Pak for Security (CP4S) 1.5.0.0 and 1.5.0.1 could allow a user to obtain sensitive information or perform actions they should not have access to due to incorrect authorization mechanisms. IBM X-Force ID: 198919.

9.1CVSS8.5AI score0.00127EPSS

CVE•added 2021/05/14 5:15 p.m.•29 views

CVE-2020-4811

IBM Cloud Pak for Security (CP4S) 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6.0.0, and 1.6.0.1 could allow a privileged user to inject inject malicious data using a specially crafted HTTP request due to improper input validation.

4CVSS4.2AI score0.00077EPSS

Total number of security vulnerabilities55