Lucene search
IBM0DE86022AAF9C52E07A2F9CCB3CABECE31D2D9829D3665C50C8A015534933DFDHistoryJul 30, 2021 - 5:05 a.m.
Security Bulletin: A vulnerability has been found in IBM Cloud Pak for Applications v4.3 which may allow a malicious attacker to obtain sensitive user information from memory
2021-07-3005:05:50
www.ibm.com
7
ibm cloud pak
applications v4.3
vulnerability
sensitive information
memory
attacker
disclosure
fix
EPSS
0.001
Percentile
43.8%
Summary
A vulnerability has been found in IBM Cloud Pak for Applications v4.3 which may allow a malicious attacker to obtain sensitive user information from memory
Vulnerability Details
CVEID:CVE-2021-20422
**DESCRIPTION:**IBM Cloud Pak for Applications could disclose sensitive information to a malicious attacker by accessing data stored in memory.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/196304 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM Cloud Pak for Applications | All |
Remediation/Fixes
IBM Cloud Pak for Applications v4.3.1 provides a solution to prevent the exposure of a malicious attacker to obtain sensitive user information from memory. No separate APAR is provided.
Workarounds and Mitigations
None
Related
nvd
nvd
CVE-2021-20422
2021-07-13 16:15:08
cvelist
cvelist
CVE-2021-20422
2021-07-13 16:10:46
cnvd
cnvd
cve
cve
CVE-2021-20422
2021-07-13 16:15:08
prion
prion
Code injection
2021-07-13 16:15:00
EPSS
0.001
Percentile
43.8%
Related for 0DE86022AAF9C52E07A2F9CCB3CABECE31D2D9829D3665C50C8A015534933DFD