cbcvebase.
CVE-2020-4918
published 2021-01-04

CVE-2020-4918: IBM Cloud Pak System 2.3 could allow l local privileged user to disclose sensitive information due to an insecure direct object reference in sell service…

medium4.4CVSS 3.1
AVLACLPRHUINSUCHINAN
IBM Cloud Pak System 2.3 could allow l local privileged user to disclose sensitive information due to an insecure direct object reference in sell service console for the Platform System Manager. IBM X-Force ID: 191392.

Affected

2 ranges
VendorProductVersion rangeFixed in
ibmcloud_pak_system
ibmcloud_pak_system>= 2.3.0.0 < 2.3.3.32.3.3.3