CVE Vulnerabilities

CVE-2021-20541

Published: Aug 02, 2021 | Modified: Jul 12, 2022
CVSS 3.x
5.3
MEDIUM
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could disclose sensitive information to an unauthorized user through HTTP GET requests. This information could be used in further attacks against the system. IBM X-Force ID: 198927.

Affected Software

Name Vendor Start Version End Version
Cloud_pak_for_security Ibm 1.5.0.0 (including) 1.5.0.0 (including)
Cloud_pak_for_security Ibm 1.5.1.0 (including) 1.5.1.0 (including)
Cloud_pak_for_security Ibm 1.6.0.0 (including) 1.6.0.0 (including)
Cloud_pak_for_security Ibm 1.6.1.0 (including) 1.6.1.0 (including)
Cloud_pak_for_security Ibm 1.7.0.0 (including) 1.7.0.0 (including)
Cloud_pak_for_security Ibm 1.7.1.0 (including) 1.7.1.0 (including)

References