Описание
IBM Cloud Pak for Security (CP4S) 1.9.0.0 through 1.9.2.0 could allow an attacker with a valid API key for one tenant to access data from another tenant's account. IBM X-Force ID: 254136.
Ссылки
- VDB EntryVendor Advisory
- PatchVendor Advisory
- VDB EntryVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 1.9.0.0 (включая) до 1.9.2.0 (включая)
cpe:2.3:a:ibm:cloud_pak_for_security:*:*:*:*:*:*:*:*
EPSS
Процентиль: 19%
0.00062
Низкий
6.8 Medium
CVSS3
7.5 High
CVSS3
Дефекты
CWE-200
CWE-200
Связанные уязвимости
CVSS3: 6.8
github
больше 2 лет назад
IBM Cloud Pak for Security (CP4S) 1.9.0.0 through 1.9.2.0 could allow an attacker with a valid API key for one tenant to access data from another tenant's account. IBM X-Force ID: 254136.
EPSS
Процентиль: 19%
0.00062
Низкий
6.8 Medium
CVSS3
7.5 High
CVSS3
Дефекты
CWE-200
CWE-200