Lucene search
IBM82EE9FDDE3124D466C3B22E39954AA90FF89146EA9F43D97159B98971982A142HistoryJul 30, 2021 - 5:04 a.m.
Security Bulletin: A vulnerability has been found in IBM Cloud Pak for Applications v4.3 where insecure http communications is used
2021-07-3005:04:53
www.ibm.com
11
ibm cloud pak for applications
vulnerability
insecure communications
cve-2021-20360
cryptographic algorithms
cvss score
EPSS
0.001
Percentile
43.8%
Summary
A vulnerability has been found in IBM Cloud Pak for Applications v4.3 where insecure http communications is used
Vulnerability Details
CVEID:CVE-2021-20360
**DESCRIPTION:**IBM Cloud Pak for Applications uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/195031 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM Cloud Pak for Applications | All |
Remediation/Fixes
IBM Cloud Pak for Applications 4.3.1 no longer exposes an unsecured http communication. No separate APAR is provided.
Workarounds and Mitigations
None
Related
nvd
nvd
CVE-2021-20360
2021-07-13 16:15:07
cve
cve
CVE-2021-20360
2021-07-13 16:15:07
prion
prion
Design/Logic Flaw
2021-07-13 16:15:00
cnvd
cnvd
cvelist
cvelist
CVE-2021-20360
2021-07-13 16:10:31
EPSS
0.001
Percentile
43.8%
Related for 82EE9FDDE3124D466C3B22E39954AA90FF89146EA9F43D97159B98971982A142