Clear Text Storage of Sensitive Information in IBM Cloud Pak for Automation API Connection Log Files

Clear Text Storage of Sensitive Information in IBM Cloud Pak for Automation API Connection Log Files

CVE-2021-20358 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

IBM Cloud Pak for Automation 20.0.3, 20.0.2-IF002 stores potentially sensitive information in clear text in API connection log files. This information could be obtained by a user with permissions to read log files. IBM X-Force ID: 194965.

Learn more about our Api Penetration Testing.