Information Exposure Vulnerability in IBM Cloud Pak for Multicloud Management Monitoring
CVE-2021-20341
5.3MEDIUM
Key Information:
- Vendor
- IBM
- Vendor
- CVE Published:
- 9 March 2021
Summary
The vulnerability allows IBM Cloud Pak for Multicloud Management Monitoring 2.2 to inadvertently disclose potentially sensitive information within HTTP response headers. This leakage of information could be leveraged by an attacker to orchestrate further attacks against the system. Organizations utilizing this product should assess their security configurations and implement necessary precautions to mitigate potential risks.
Affected Version(s)
Cloud Pak for Multicloud Management Monitoring 2.2
References
CVSS V3.1
Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved