IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could disclose sensitive information to an unauthorized user through HTTP GET requests. This information could be used in further attacks against the system. IBM X-Force ID: 198927.
References
Link | Resource |
---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/198927 | VDB Entry |
https://www.ibm.com/support/pages/node/6476940 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
12 Jul 2022, 17:42
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-noinfo |
06 Aug 2021, 17:13
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 5.3 |
CWE | CWE-863 | |
References | (CONFIRM) https://www.ibm.com/support/pages/node/6476940 - Patch, Vendor Advisory | |
References | (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/198927 - VDB Entry | |
CPE | cpe:2.3:a:ibm:cloud_pak_for_security:1.7.0.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:cloud_pak_for_security:1.5.0.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:cloud_pak_for_security:1.7.1.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:cloud_pak_for_security:1.6.0.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:cloud_pak_for_security:1.6.1.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:cloud_pak_for_security:1.5.1.0:*:*:*:*:*:*:* |
02 Aug 2021, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-08-02 17:15
Updated : 2024-02-04 21:47
NVD link : CVE-2021-20541
Mitre link : CVE-2021-20541
CVE.ORG link : CVE-2021-20541
JSON object : View
Products Affected
ibm
- cloud_pak_for_security
CWE