Vulnerabilities > CVE-2020-4918 - Authorization Bypass Through User-Controlled Key vulnerability in IBM Cloud PAK System
Attack vector
LOCAL Attack complexity
LOW Privileges required
HIGH Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
IBM Cloud Pak System 2.3 could allow l local privileged user to disclose sensitive information due to an insecure direct object reference in sell service console for the Platform System Manager. IBM X-Force ID: 191392.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 7 |