VYPR

Cloud Pak for Multicloud Management

by IBM

CVEs (6)

  • CVE-2024-43191Sep 26, 2024
    risk 0.00cvss epss 0.01

    IBM ManageIQ could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted yaml file request.

  • CVE-2023-46175Sep 26, 2024
    risk 0.00cvss epss 0.00

    IBM Cloud Pak for Multicloud Management 2.3 through 2.3 FP8 stores user credentials in a log file plain clear text which can be read by a privileged user.

  • CVE-2022-42438Feb 8, 2023
    risk 0.00cvss epss 0.01

    IBM Cloud Pak for Multicloud Management Monitoring 2.0 and 2.3 allows users without admin roles access to admin functions by specifying direct URL paths. IBM X-Force ID: 238210.

  • CVE-2021-38941Jun 30, 2022
    risk 0.00cvss epss 0.01

    IBM CloudPak for Multicloud Monitoring 2.0 and 2.3 has a few containers running in privileged mode which is vulnerable to host information leakage or destruction if unauthorized access to these containers could execute arbitrary commands. IBM X-Force ID: 211048.

  • CVE-2020-4765May 19, 2021
    risk 0.00cvss epss 0.00

    IBM Cloud Pak for Multicloud Management prior to 2.3 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 188902.

  • CVE-2021-20341Mar 9, 2021
    risk 0.00cvss epss 0.01

    IBM Cloud Pak for Multicloud Management Monitoring 2.2 returns potentially sensitive information in headers which could lead to further attacks against the system. IBM X-Force ID: 194513.