First published: Fri Dec 11 2020(Updated: )
IBM Cloud Pak for Security (CP4S) 1.4.0.0 could allow a remote user to obtain sensitive information from HTTP response headers that could be used in further attacks against the system.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
=1.4.0.0 | ||
<=1.4.0.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-4815 is categorized with a medium severity level due to the potential exposure of sensitive information.
To fix CVE-2020-4815, upgrade IBM Cloud Pak for Security to a version higher than 1.4.0.0.
CVE-2020-4815 is an information disclosure vulnerability allowing remote users to access sensitive data from HTTP response headers.
Organizations utilizing IBM Cloud Pak for Security version 1.4.0.0 are potentially affected by CVE-2020-4815.
Yes, the information obtained from CVE-2020-4815 can be leveraged for subsequent attacks against the system.