CRITICAL🇬🇧 English

CVE-2020-4627

CVSS 9.0v3.1pub. 2020-11-30upd. 2024-11-21

IBM Cloud Pak for Security 1.3.0.1(CP4S) potentially vulnerable to CVS Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 185367.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
  • IBM Cloud Pak For Security

    APP
    Ibm
    1.3.0.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2025-25022CRITICAL9.6PL ✓ten sam produkt

IBM QRadar Suite / Cloud Pak for Security: ujawnienie danych w plikach konfiguracyjnych

CVE-2021-20578CRITICAL9.8ten sam produkt

IBM Cloud Pak for Security (CP4S) 1.7.0.0, 1.7.1.0, 1.7.2.0, and 1.8.0.0 could allow an attacker to perform un...

CVE-2021-20538CRITICAL9.1ten sam produkt

IBM Cloud Pak for Security (CP4S) 1.5.0.0 and 1.5.0.1 could allow a user to obtain sensitive information or pe...

CVE-2025-25021HIGH7.2ten sam produkt

IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0...

CVE-2023-47726HIGH7.1ten sam produkt

IBM QRadar Suite Software 1.10.12.0 through 1.10.21.0 and IBM Cloud Pak for Security 1.10.12.0 through 1.10.21...