CVE-2020-4811

Summary

IBM Cloud Pak for Security (CP4S) 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6.0.0, and 1.6.0.1 could allow a privileged user to inject inject malicious data using a specially crafted HTTP request due to improper input validation.

Affected Software

VendorProductVersion RangeStatus
IBMCloud Pak for Security1.4.0.0affected
IBMCloud Pak for Security1.6.0.0affected
IBMCloud Pak for Security1.5.0.1affected
IBMCloud Pak for Security1.5.0.0affected
IBMCloud Pak for Security1.6.0.1affected

Weaknesses

  • Data Manipulation

ADP Enrichment

CVE Program Container

Additional References

References