CVE-2021-39013

Опубликовано: 22 дек. 2021

Источник: nvd

CVSS3: 4.3

CVSS3: 6.5

CVSS2: 4

EPSS Низкий

Описание

IBM Cloud Pak for Security (CP4S) 1.7.2.0, 1.7.1.0, and 1.7.0.0 could allow an authenticated user to obtain sensitive information in HTTP responses that could be used in further attacks against the system. IBM X-Force ID: 213651.

Ссылки

https://exchange.xforce.ibmcloud.com/vulnerabilities/213651
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/6529200
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/213651
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/6529200
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:ibm:cloud_pak_for_security:1.7.0.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:cloud_pak_for_security:1.7.1.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:cloud_pak_for_security:1.7.2.0:*:*:*:*:*:*:*

cpe:2.3:a:redhat:openshift:-:*:*:*:*:*:*:*

EPSS

Процентиль: 37%

0.00162

Низкий

4.3 Medium

CVSS3

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-f59c-vrcv-x2gg

github

около 4 лет назад

EPSS

Процентиль: 37%

0.00162

Низкий

4.3 Medium

CVSS3

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-200