Low Severity

Security Bulletin: IBM Cloud Pak For Security vulnerable to potential information disclosure through HTTP headers (CVE-2020-4967)

Share this post:

IBM Cloud Pak for Security 1.3.0.1 could disclose sensitive information through HTTP headers which could be used in further attacks against the system. Response headers include information that provide an attacker with clues that can be used to focus attacks for better results. This has been addressed in an update.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
Cloud Pak for Security (CP4S) 1.3.0.1

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6408662

More stories

Security Bulletin: IBM Resilient SOAR is Using Components with Known Vulnerabilities – Java SE (CVE-2020-14781)

Jun 15, 2021 8:01 pm EDT | Low Severity

IBM Resilient SOAR is Using Components with Known Vulnerabilities - Java SE (CVE-2020-14781) ...read more


Security Bulletin: IBM MQ Appliance affected by an OpenSSL vulnerability (CVE-2020-1968)

Jun 15, 2021 8:00 pm EDT | Low Severity

IBM MQ Appliance has resolved and OpenSSL vulnerability. ...read more


Security Bulletin: IBM Resilient SOAR is Using Components with Known Vulnerabilities – Java SE (CVE-2020-2773)

Jun 15, 2021 8:00 pm EDT | Low Severity

IBM Resilient SOAR is Using Components with Known Vulnerabilities - Java SE. ...read more