Cloud Pak System Security Vulnerabilities and Issues — Cloud Pak System CVE List

Lucene search

IbmCloud Pak System

7 matches found

CVE•added 2025/01/25 2:15 p.m.•43 views

CVE-2023-38271

IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.3.7, and 2.3.3.7 iFix1 could allow an authenticated user to obtain sensitive information from log files.

4.3CVSS4.3AI score0.00035EPSS

CVE•added 2019/12/03 3:15 p.m.•33 views

CVE-2019-4465

IBM Cloud Pak System 2.3 and 2.3.0.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 163774.

4CVSS4.3AI score0.00081EPSS

CVE•added 2021/01/04 2:15 p.m.•33 views

CVE-2020-4910

IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191274.

4.8CVSS5.2AI score0.00213EPSS

CVE•added 2021/01/04 2:15 p.m.•32 views

CVE-2020-4913

IBM Cloud Pak System 2.3 could reveal credential information in the HTTP response to a local privileged user. IBM X-Force ID: 191288.

4.4CVSS5AI score0.00043EPSS

CVE•added 2021/01/04 2:15 p.m.•31 views

CVE-2020-4909

4.8CVSS5.2AI score0.00162EPSS

CVE•added 2021/01/04 2:15 p.m.•30 views

CVE-2020-4918

IBM Cloud Pak System 2.3 could allow l local privileged user to disclose sensitive information due to an insecure direct object reference in sell service console for the Platform System Manager. IBM X-Force ID: 191392.

4.4CVSS5AI score0.0004EPSS

CVE•added 2021/07/20 5:15 p.m.•29 views

CVE-2021-20478

IBM Cloud Pak System 2.3 could allow a local user in some situations to view the artifacts of another user in self service console. IBM X-Force ID: 197497.

4CVSS3.7AI score0.00036EPSS