The IBM Multicloud Manager ibm-mcm-chart contains sensitive information upon deployment.
CVEID: CVE-2019-4118 DESCRIPTION: IBM Multicloud Manager ibm-mcm-chart could allow a local attacker with admin privileges to obtain highly sensitive information upon deployment.
CVSS Base Score: 4.4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158144> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N)
IBM Multicloud Manager 3.1.0, 3.1.1, 3.1.2
Product defect fixes and security updates are only available for the two most recent Continuous Delivery (CD) update packages
For IBM Multicloud Manager 3.1.2, apply patch:
For IBM Multicloud Manager 3.1.1, apply patch:
For IBM Multicloud Manager 3.1.0:
None