IBM Cloud Pak For Applications
By the Year
In 2024 there have been 0 vulnerabilities in IBM Cloud Pak For Applications . Cloud Pak For Applications did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 12 | 5.98 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Cloud Pak For Applications vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent IBM Cloud Pak For Applications Security Vulnerabilities
IBM Cloud Pak for Applications 4.3 could
CVE-2021-20424
4.3 - Medium
- July 13, 2021
IBM Cloud Pak for Applications 4.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. X-Force ID: 196309.
Generation of Error Message Containing Sensitive Information
IBM Cloud Pak for Applications 4.3 could allow an authenticated user gain escalated privilesges due to improper application permissions
CVE-2021-20423
8.8 - High
- July 13, 2021
IBM Cloud Pak for Applications 4.3 could allow an authenticated user gain escalated privilesges due to improper application permissions. IBM X-Force ID: 196308.
Incorrect Permission Assignment for Critical Resource
IBM Cloud Pak for Applications 4.3 could disclose sensitive information to a malicious attacker by accessing data stored in memory
CVE-2021-20422
7.5 - High
- July 13, 2021
IBM Cloud Pak for Applications 4.3 could disclose sensitive information to a malicious attacker by accessing data stored in memory. IBM X-Force ID: 196304.
Information Disclosure
IBM Cloud Pak for Applications 4.3 uses weaker than expected cryptographic algorithms
CVE-2021-20369
5.9 - Medium
- July 13, 2021
IBM Cloud Pak for Applications 4.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 195361.
Inadequate Encryption Strength
IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting
CVE-2021-20368
5.4 - Medium
- July 13, 2021
IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 195357.
XSS
IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting
CVE-2021-20366
5.4 - Medium
- July 13, 2021
IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 195037.
XSS
IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting
CVE-2021-20365
5.4 - Medium
- July 13, 2021
IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 195036.
XSS
IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting
CVE-2021-20364
5.4 - Medium
- July 13, 2021
IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 195035.
XSS
IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting
CVE-2021-20363
5.4 - Medium
- July 13, 2021
IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 195034.
XSS
IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting
CVE-2021-20362
5.4 - Medium
- July 13, 2021
IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 195033.
XSS
IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting
CVE-2021-20361
5.4 - Medium
- July 13, 2021
IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 195032.
XSS
IBM Cloud Pak for Applications 4.3 uses weaker than expected cryptographic algorithms
CVE-2021-20360
7.5 - High
- July 13, 2021
IBM Cloud Pak for Applications 4.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 195031.
Inadequate Encryption Strength
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for IBM Cloud Pak For Applications or by IBM? Click the Watch button to subscribe.
