Information Disclosure Vulnerability in IBM Cloud Pak System
CVE-2020-4913

4.4MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
4 January 2021

Summary

The vulnerability in IBM Cloud Pak System 2.3 allows local privileged users to potentially access sensitive credential information from HTTP responses. This issue may pose a risk to users by exposing critical data and could be exploited in an environment where local access is available. Organizations using the affected version of IBM Cloud Pak System should evaluate their security posture and apply necessary mitigations to protect sensitive information.

Affected Version(s)

Cloud Pak System 2.3

References

CVSS V3.1

Score:
4.4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.