Vulnerabilities > IBM > Cloud PAK FOR Security > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-09-30 CVE-2021-20578 Improper Authentication vulnerability in IBM Cloud PAK for Security 1.7.0.0/1.7.1.0/1.7.2.0
IBM Cloud Pak for Security (CP4S) 1.7.0.0, 1.7.1.0, 1.7.2.0, and 1.8.0.0 could allow an attacker to perform unauthorized actions due to improper or missing authentication controls.
network
low complexity
ibm CWE-287
critical
 9.8
9.8
2021-05-10 CVE-2021-20538 Incorrect Authorization vulnerability in IBM Cloud PAK for Security 1.5.0.0/1.5.0.1
IBM Cloud Pak for Security (CP4S) 1.5.0.0 and 1.5.0.1 could allow a user to obtain sensitive information or perform actions they should not have access to due to incorrect authorization mechanisms.
network
low complexity
ibm CWE-863
critical
 9.1
9.1
2020-11-30 CVE-2020-4627 Improper Neutralization of Formula Elements in a CSV File vulnerability in IBM Cloud PAK for Security 1.3.0.1
IBM Cloud Pak for Security 1.3.0.1(CP4S) potentially vulnerable to CVS Injection.
network
low complexity
ibm CWE-1236
critical
 9.0
9.0