Low Severity

Security Bulletin: IBM Cloud Pak For Security vulnerable to potential information disclosure through HTTP headers (CVE-2020-4967)

Share this post:

IBM Cloud Pak for Security 1.3.0.1 could disclose sensitive information through HTTP headers which could be used in further attacks against the system. Response headers include information that provide an attacker with clues that can be used to focus attacks for better results. This has been addressed in an update.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
Cloud Pak for Security (CP4S) 1.3.0.1

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6408662

More stories

Security Bulletin: IBM CICS TX Advanced is vulnerable to information disclosure due to IBM WebSphere Application Server Liberty (CVE-2022-22393)

September 22, 2022 | Low Severity

WebSphere Application Server Liberty is used by IBM CICS TX Advanced to provide a web based administration console. The fix removes the information disclosure vulnerability CVE-2022-22393 from Liberty. ...read more


Security Bulletin: IBM CICS TX Standard is vulnerable to information disclosure due to IBM WebSphere Application Server Liberty (CVE-2022-22393)

September 22, 2022 | Low Severity

WebSphere Application Server Liberty is used by IBM CICS TX Standard to provide a web based administration console. The fix removes the information disclosure vulnerability CVE-2022-22393 from Liberty. ...read more


Security Bulletin: An information disclosure vulnerablity in IBM WebSphere Application Server Liberty affects TXSeries for Multiplatforms

September 22, 2022 | Low Severity

TXSeries for Multiplatforms has addressed the following information disclosure vulnerability in IBM® WebSphere Application Server Liberty ...read more