Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Cloud_pak_for_security
(Ibm)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 36 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2021-05-10 | CVE-2021-20577 | IBM Cloud Pak for Security (CP4S) 1.5.0.0 and 1.5.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199281. | Cloud_pak_for_security | 6.1 | ||
2021-01-27 | CVE-2020-4967 | IBM Cloud Pak for Security (CP4S) 1.3.0.1 could disclose sensitive information through HTTP headers which could be used in further attacks against the system. IBM X-Force ID: 192425. | Cloud_pak_for_security | 4.3 | ||
2021-01-27 | CVE-2020-4820 | IBM Cloud Pak for Security (CP4S) 1.4.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | Cloud_pak_for_security | 6.1 | ||
2021-01-27 | CVE-2020-4815 | IBM Cloud Pak for Security (CP4S) 1.4.0.0 could allow a remote user to obtain sensitive information from HTTP response headers that could be used in further attacks against the system. | Cloud_pak_for_security | 5.3 | ||
2021-01-27 | CVE-2020-4628 | IBM Cloud Pak for Security (CP4S) 1.3.0.1 and 1.4.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 185369. | Cloud_pak_for_security | 5.3 | ||
2020-11-30 | CVE-2020-4624 | IBM Cloud Pak for Security 1.3.0.1 (CP4S) uses weaker than expected cryptographic algorithms during negotiation could allow an attacker to decrypt sensitive information. | Cloud_pak_for_security | 5.3 |