Описание
IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could allow a remote authenticated attacker to obtain sensitive information through HTTP requests that could be used in further attacks against the system.
Ссылки
- VDB EntryVendor Advisory
- Vendor Advisory
- VDB EntryVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ibm:cloud_pak_for_security:1.5.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:cloud_pak_for_security:1.5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:cloud_pak_for_security:1.6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:cloud_pak_for_security:1.6.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:cloud_pak_for_security:1.7.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:cloud_pak_for_security:1.7.1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 37%
0.00154
Низкий
4.9 Medium
CVSS3
4.9 Medium
CVSS3
4 Medium
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
github
больше 3 лет назад
IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could allow a remote authenticated attacker to obtain sensitive information through HTTP requests that could be used in further attacks against the system.
EPSS
Процентиль: 37%
0.00154
Низкий
4.9 Medium
CVSS3
4.9 Medium
CVSS3
4 Medium
CVSS2
Дефекты
NVD-CWE-noinfo