exploitDog

GHSA-2w94-97wx-8cvr

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.3

Описание

IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could disclose sensitive information to an unauthorized user through HTTP GET requests. This information could be used in further attacks against the system. IBM X-Force ID: 198923.

IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could disclose sensitive information to an unauthorized user through HTTP GET requests. This information could be used in further attacks against the system. IBM X-Force ID: 198923.

Ссылки

EPSS

Процентиль: 41%

0.00194

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-863

Связанные уязвимости

CVE-2021-20540

CVSS3: 5.3

nvd

больше 4 лет назад

IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could disclose sensitive information to an unauthorized user through HTTP GET requests. This information could be used in further attacks against the system. IBM X-Force ID: 198923.

EPSS

Процентиль: 41%

0.00194

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-863