Cloud Pak System Security Vulnerabilities and Issues — Cloud Pak System CVE List

Lucene search

IbmCloud Pak System

6 matches found

CVE•added 2019/12/03 3:15 p.m.•35 views

CVE-2019-4465

IBM Cloud Pak System 2.3 and 2.3.0.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 163774.

4CVSS4.3AI score0.00081EPSS

CVE•added 2021/01/04 2:15 p.m.•34 views

CVE-2020-4910

IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191274.

4.8CVSS5.2AI score0.00213EPSS

CVE•added 2021/01/04 2:15 p.m.•33 views

CVE-2020-4913

IBM Cloud Pak System 2.3 could reveal credential information in the HTTP response to a local privileged user. IBM X-Force ID: 191288.

4.4CVSS5AI score0.00043EPSS

CVE•added 2021/07/20 5:15 p.m.•33 views

CVE-2021-20478

IBM Cloud Pak System 2.3 could allow a local user in some situations to view the artifacts of another user in self service console. IBM X-Force ID: 197497.

4CVSS3.7AI score0.00036EPSS

CVE•added 2021/01/04 2:15 p.m.•32 views

CVE-2020-4909

4.8CVSS5.2AI score0.00162EPSS

CVE•added 2021/01/04 2:15 p.m.•31 views

CVE-2020-4918

IBM Cloud Pak System 2.3 could allow l local privileged user to disclose sensitive information due to an insecure direct object reference in sell service console for the Platform System Manager. IBM X-Force ID: 191392.

4.4CVSS5AI score0.0004EPSS