CRITICAL🇬🇧 English

CVE-2021-20578

CVSS 9.8v3.1pub. 2021-09-30upd. 2024-11-21

IBM Cloud Pak for Security (CP4S) 1.7.0.0, 1.7.1.0, 1.7.2.0, and 1.8.0.0 could allow an attacker to perform unauthorized actions due to improper or missing authentication controls. IBM X-Force ID: 199282.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • IBM Cloud Pak For Security

    APP
    Ibm
    1.7.0.01.7.1.01.7.2.0
  • Red Hat Openshift

    APP
    Redhat
    wszystkie wersje
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Auth Bypass
CWE
Referencje

Powiązane podatności

CVE-2025-25022CRITICAL9.6PL ✓ten sam produkt

IBM QRadar Suite / Cloud Pak for Security: ujawnienie danych w plikach konfiguracyjnych

CVE-2013-4561CRITICAL9.1ten sam produkt

In a openshift node, there is a cron job to update mcollective facts that mishandles a temporary file. This ma...

CVE-2021-20538CRITICAL9.1ten sam produkt

IBM Cloud Pak for Security (CP4S) 1.5.0.0 and 1.5.0.1 could allow a user to obtain sensitive information or pe...

CVE-2020-4627CRITICAL9.0ten sam produkt

IBM Cloud Pak for Security 1.3.0.1(CP4S) potentially vulnerable to CVS Injection. A remote attacker could exec...

CVE-2014-0234CRITICAL9.8ten sam produkt

The default configuration of broker.conf in Red Hat OpenShift Enterprise 2.x before 2.1 has a password of "moo...