Medium Severity

Security Bulletin: IBM Cloud Pak for Security (CP4S) is potentially vulnerable to CVS injection (CVE-2020-4627)

Nov 25, 2020 7:00 pm EST

Categorized: Medium Severity

Share this post:

IBM Cloud Pak for Security (CP4S) potentially vulnerable to CVS Injection due to improper data sanitization. The issue has been addressed.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
Cloud Pak for Security (CP4S) 1.3.0.1

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6372538


Previous Post

Security Bulletin: IBM TNPM Wireline is vulnerable to Apache Commons Codec.

Next Post

Security Bulletin: CP4S 1.3.0.1 fails to use HTTPOnly flag (CVE-2020-4625)
More stories

Security Bulletin: IBM InfoSphere Information Server is affected by a cross-site request forgery vulnerability

Mar 3, 2021 7:00 pm EST | Medium Severity

A cross-site request forgery vulnerability was addressed by IBM InfoSphere Information Server. ...read more

Security Bulletin: IBM MQ Appliance is affected by a systemd vulnerability (CVE-2019-20386)

Mar 3, 2021 7:00 pm EST | Medium Severity

IBM MQ Appliance has resolved a systemd vulnerability. ...read more

Security Bulletin: IBM MQ Appliance is affected by libexpat vulnerabilities (CVE-2018-20843, CVE-2019-15903)

Mar 3, 2021 7:00 pm EST | Medium Severity

IBM MQ Appliance has resolved libexpat vulnerabilities. ...read more