PT-2021-14043 · Ibm · Ibm Cloud Pak For Security

Published

2021-05-14

Updated

2021-05-20

CVE-2021-20565

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions: IBM Cloud Pak for Security (CP4S) versions 1.4.0.0 through 1.6.0.1

Description: The issue arises because the protection mechanism in IBM Cloud Pak for Security relies on the existence or values of an input, but this input can be modified by an untrusted actor to bypass the protection mechanism.

Recommendations: For versions 1.4.0.0 through 1.6.0.1, at the moment, there is no information about a newer version that contains a fix for this issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2021-20565

Affected Products

Ibm Cloud Pak For Security

PT-2021-14043 · Ibm · Ibm Cloud Pak For Security

CVE-2021-20565

Related Identifiers

Affected Products

References · 5