Information Disclosure Vulnerability in IBM Cloud Pak System
CVE-2020-4913
4.4MEDIUM
Summary
The vulnerability in IBM Cloud Pak System 2.3 allows local privileged users to potentially access sensitive credential information from HTTP responses. This issue may pose a risk to users by exposing critical data and could be exploited in an environment where local access is available. Organizations using the affected version of IBM Cloud Pak System should evaluate their security posture and apply necessary mitigations to protect sensitive information.
Affected Version(s)
Cloud Pak System 2.3
References
CVSS V3.1
Score:
4.4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved