Unauthorized Access to Admin Functions in IBM Cloud Pak for Multicloud Management Monitoring 2.0 and 2.3
CVE-2022-42438 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
IBM Cloud Pak for Multicloud Management Monitoring 2.0 and 2.3 allows users without admin roles access to admin functions by specifying direct URL paths. IBM X-Force ID: 238210.
Learn more about our Cloud Audit.