CVE-2024-43191
- EPSS 0.22%
- Published 26.09.2024 16:15:08
- Last modified 15.08.2025 14:14:21
IBM ManageIQ could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted yaml file request.
CVE-2023-46175
- EPSS 0.1%
- Published 26.09.2024 14:15:07
- Last modified 08.08.2025 01:48:47
IBM Cloud Pak for Multicloud Management 2.3 through 2.3 FP8 stores user credentials in a log file plain clear text which can be read by a privileged user.
CVE-2022-42438
- EPSS 0.06%
- Published 08.02.2023 19:15:11
- Last modified 21.11.2024 07:24:58
IBM Cloud Pak for Multicloud Management Monitoring 2.0 and 2.3 allows users without admin roles access to admin functions by specifying direct URL paths. IBM X-Force ID: 238210.
CVE-2021-38941
- EPSS 0.1%
- Published 30.06.2022 17:15:07
- Last modified 21.11.2024 06:18:15
IBM CloudPak for Multicloud Monitoring 2.0 and 2.3 has a few containers running in privileged mode which is vulnerable to host information leakage or destruction if unauthorized access to these containers could execute arbitrary commands. IBM X-Force...
CVE-2021-20341
- EPSS 0.14%
- Published 09.03.2021 15:15:14
- Last modified 21.11.2024 05:46:25
IBM Cloud Pak for Multicloud Management Monitoring 2.2 returns potentially sensitive information in headers which could lead to further attacks against the system. IBM X-Force ID: 194513.