Improper Input Validation in IBM Cloud Pak for Security (CP4S) Allows Privileged User to Inject Malicious Data

CVE-2020-4811 · LOW Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N

IBM Cloud Pak for Security (CP4S) 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6.0.0, and 1.6.0.1 could allow a privileged user to inject inject malicious data using a specially crafted HTTP request due to improper input validation.

Learn more about our Cloud Audit.