Ibm Cloud Pak System Software Suite vulnerabilities

2 known vulnerabilities affecting ibm/cloud_pak_system_software_suite.

Total CVEs

2

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

MEDIUM2

Vulnerabilities

Page 1 of 1

CVE-2023-37405MEDIUMCVSS 6.5v2.3.2.02025-03-27

CVE-2023-37405 [MEDIUM] CWE-311 CVE-2023-37405: IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.36 iFix1, 2.3.3 IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.36 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1, 2.3.4.0, and 2.3.4.1 stores sensitive data in memory, that could be obtained by an unauthorized user.

CVE-2020-4914MEDIUMCVSS 5.5≥ 2.3.3.0, ≤ 2.3.3.52023-05-05

CVE-2020-4914 [MEDIUM] CWE-613 CVE-2020-4914: IBM Cloud Pak System Suite 2.3.3.0 through 2.3.3.5 does not invalidate session after logout which co IBM Cloud Pak System Suite 2.3.3.0 through 2.3.3.5 does not invalidate session after logout which could allow a local user to impersonate another user on the system. IBM X-Force ID: 191290.