IBM Cloud Pak for Security (CP4S) 1.5.0.1

CPE Details

IBM Cloud Pak for Security (CP4S) 1.5.0.1
ibm
cloud_pak_for_security
1.5.0.1
2021-05-14
10h57 +00:00
2021-05-25
12h40 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:ibm:cloud_pak_for_security:1.5.0.1:*:*:*:*:*:*:*

Informations

Vendor

ibm

Product

cloud_pak_for_security

Version

1.5.0.1

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2021-29697 2021-08-02 16h35 +00:00 IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could allow a remote authenticated attacker to obtain sensitive information through HTTP requests that could be used in further attacks against the system.
4.9
Moyen
CVE-2021-29696 2021-08-02 16h35 +00:00 IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request.
7.2
Haute
CVE-2021-20565 2021-05-14 16h15 +00:00 IBM Cloud Pak for Security (CP4S) 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6.0.0, and 1.6.0.1 uses a protection mechanism that relies on the existence or values of an input, but the input can be modified by an untrusted actor in a way that bypasses the protection mechanism. IBM X-Force ID: 199236.
5.3
Moyen
CVE-2021-20564 2021-05-14 16h15 +00:00 IBM Cloud Pak for Security (CP4S) 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6.0.0, and 1.6.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 199235.
5.9
Moyen
CVE-2020-4811 2021-05-14 16h15 +00:00 IBM Cloud Pak for Security (CP4S) 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6.0.0, and 1.6.0.1 could allow a privileged user to inject inject malicious data using a specially crafted HTTP request due to improper input validation.
2.4
Bas
CVE-2021-20577 2021-05-10 16h20 +00:00 IBM Cloud Pak for Security (CP4S) 1.5.0.0 and 1.5.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199281.
6.1
Moyen
CVE-2021-20538 2021-05-10 16h20 +00:00 IBM Cloud Pak for Security (CP4S) 1.5.0.0 and 1.5.0.1 could allow a user to obtain sensitive information or perform actions they should not have access to due to incorrect authorization mechanisms. IBM X-Force ID: 198919.
9.1
Critique