Vulnerabilities > IBM > Cloud PAK FOR Multicloud Management Monitoring

DATE CVE VULNERABILITY TITLE RISK
2023-02-08 CVE-2022-42438 Forced Browsing vulnerability in IBM Cloud PAK for Multicloud Management Monitoring
IBM Cloud Pak for Multicloud Management Monitoring 2.0 and 2.3 allows users without admin roles access to admin functions by specifying direct URL paths.
network
low complexity
ibm CWE-425
8.8
2022-06-30 CVE-2021-38941 Unspecified vulnerability in IBM Cloud PAK for Multicloud Management Monitoring 2.0.0/2.3.0
IBM CloudPak for Multicloud Monitoring 2.0 and 2.3 has a few containers running in privileged mode which is vulnerable to host information leakage or destruction if unauthorized access to these containers could execute arbitrary commands.
network
low complexity
ibm
8.1
2021-03-09 CVE-2021-20341 Unspecified vulnerability in IBM Cloud PAK for Multicloud Management Monitoring 2.0.0/2.2.0
IBM Cloud Pak for Multicloud Management Monitoring 2.2 returns potentially sensitive information in headers which could lead to further attacks against the system.
network
low complexity
ibm
5.3