Vulnerabilities > IBM > Cloud PAK FOR Applications > 3.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-13 | CVE-2021-20366 | Cross-site Scripting vulnerability in IBM Cloud PAK for Applications IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. | 3.5 |
| 2021-07-13 | CVE-2021-20368 | Cross-site Scripting vulnerability in IBM Cloud PAK for Applications IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. | 3.5 |
| 2021-07-13 | CVE-2021-20369 | Inadequate Encryption Strength vulnerability in IBM Cloud PAK for Applications IBM Cloud Pak for Applications 4.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 4.3 |
| 2021-07-13 | CVE-2021-20422 | Information Exposure vulnerability in IBM Cloud PAK for Applications IBM Cloud Pak for Applications 4.3 could disclose sensitive information to a malicious attacker by accessing data stored in memory. | 5.0 |
| 2021-07-13 | CVE-2021-20423 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM Cloud PAK for Applications IBM Cloud Pak for Applications 4.3 could allow an authenticated user gain escalated privilesges due to improper application permissions. | 6.5 |
| 2021-07-13 | CVE-2021-20424 | Information Exposure Through an Error Message vulnerability in IBM Cloud PAK for Applications IBM Cloud Pak for Applications 4.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 4.0 |