Information Exposure Vulnerability in IBM Cloud Pak for Multicloud Management Monitoring
CVE-2021-20341

5.3MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
9 March 2021

Summary

The vulnerability allows IBM Cloud Pak for Multicloud Management Monitoring 2.2 to inadvertently disclose potentially sensitive information within HTTP response headers. This leakage of information could be leveraged by an attacker to orchestrate further attacks against the system. Organizations utilizing this product should assess their security configurations and implement necessary precautions to mitigate potential risks.

Affected Version(s)

Cloud Pak for Multicloud Management Monitoring 2.2

References

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.