Local File Access Vulnerability in IBM Cloud Pak System
CVE-2019-4465
4MEDIUM
Summary
A flaw in IBM Cloud Pak System versions 2.3 and 2.3.0.1 allows local web pages to be accessed by unauthorized users. This vulnerability could enable a user to view sensitive information stored in these pages, compromising the confidentiality of data within the system. It is crucial for organizations using these versions to apply necessary security measures and review user access controls.
Affected Version(s)
Cloud Pak System 2.3
Cloud Pak System 2.2
References
CVSS V3.1
Score:
4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved