Event Streams
by IBM
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-29792 | 0.00 | — | 0.00 | Jul 12, 2021 | IBM Event Streams 10.0, 10.1, 10.2, and 10.3 could allow a user the CA private key to create their own certificates and deploy them in the cluster and gain privileges of another user. IBM X-Force ID: 203450. | |||
| CVE-2020-4662 | 0.00 | — | 0.01 | Aug 14, 2020 | IBM Event Streams 10.0.0 could allow an authenticated user to perform tasks to a schema due to improper authentication validation. IBM X-Force ID: 186233. | |||
| CVE-2018-1833 | 0.00 | — | 0.02 | Dec 18, 2018 | IBM Event Streams 2018.3.0 could allow a remote attacker to submit an API request with a fake Host request header. An attacker, who has already gained authorised access via the CLI, could exploit this vulnerability to spoof the request header. IBM X-Force ID: 150507. |
- CVE-2021-29792Jul 12, 2021risk 0.00cvss —epss 0.00
IBM Event Streams 10.0, 10.1, 10.2, and 10.3 could allow a user the CA private key to create their own certificates and deploy them in the cluster and gain privileges of another user. IBM X-Force ID: 203450.
- CVE-2020-4662Aug 14, 2020risk 0.00cvss —epss 0.01
IBM Event Streams 10.0.0 could allow an authenticated user to perform tasks to a schema due to improper authentication validation. IBM X-Force ID: 186233.
- CVE-2018-1833Dec 18, 2018risk 0.00cvss —epss 0.02
IBM Event Streams 2018.3.0 could allow a remote attacker to submit an API request with a fake Host request header. An attacker, who has already gained authorised access via the CLI, could exploit this vulnerability to spoof the request header. IBM X-Force ID: 150507.