Privilege Escalation Vulnerability in IBM Cloud Pak for Applications
CVE-2021-20423

8.8HIGH

Key Information:

Vendor: IBM
Status: Cloud Pak For Applications
Vendor: CVE Published:; 13 July 2021

Summary

IBM Cloud Pak for Applications version 4.3 contains a vulnerability that enables authenticated users to gain escalated privileges due to improper handling of application permissions. This flaw may allow unauthorized access to sensitive features and functions within the application, which can compromise the security and integrity of the system. Addressing this issue is crucial for maintaining robust security within IBM Cloud Pak for Applications.

Affected Version(s)

Cloud Pak for Applications 4.3

References

https://www.ibm.com/support/pages/node/6471329

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/196308

vdb-entryx_refsource_XF

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 13, 2021
Vulnerability Reserved
Dec 17, 2020