Medium Severity
Security Bulletin: IBM Cloud Pak for Security (CP4S) could reveal sensitive information to authenticated user (CVE-2020-4626)
Nov 25, 2020 7:00 pm EST
Categorized: Medium Severity
Share this post:
IBM Cloud Pak for Security (CP4S) could reveal sensitive information about the internal network to an authenticated user using a specially crafted HTTP request. The issue has been addressed.
Affected product(s) and affected version(s):
| Affected Product(s) | Version(s) |
| Cloud Pak for Security (CP4S) | 1.3.0.1 |
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6372534
Security Bulletin: IBM InfoSphere Information Server is affected by a cross-site request forgery vulnerability
Mar 3, 2021 7:00 pm EST | Medium Severity
A cross-site request forgery vulnerability was addressed by IBM InfoSphere Information Server. ...read more
Security Bulletin: IBM MQ Appliance is affected by a systemd vulnerability (CVE-2019-20386)
Mar 3, 2021 7:00 pm EST | Medium Severity
IBM MQ Appliance has resolved a systemd vulnerability. ...read more
Security Bulletin: IBM MQ Appliance is affected by libexpat vulnerabilities (CVE-2018-20843, CVE-2019-15903)
Mar 3, 2021 7:00 pm EST | Medium Severity
IBM MQ Appliance has resolved libexpat vulnerabilities. ...read more