CVSS: 9.0EPSS: 0%CPEs: 7EXPL: 0CVE-2022-42438 – IBM Cloud Pak for Multicloud Management Monitoring privilege escalation
https://notcve.org/view.php?id=CVE-2022-42438
08 Feb 2023 — IBM Cloud Pak for Multicloud Management Monitoring 2.0 and 2.3 allows users without admin roles access to admin functions by specifying direct URL paths. IBM X-Force ID: 238210. • https://exchange.xforce.ibmcloud.com/vulnerabilities/238210 • CWE-425: Direct Request ('Forced Browsing') •
CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 0CVE-2021-38941
https://notcve.org/view.php?id=CVE-2021-38941
30 Jun 2022 — IBM CloudPak for Multicloud Monitoring 2.0 and 2.3 has a few containers running in privileged mode which is vulnerable to host information leakage or destruction if unauthorized access to these containers could execute arbitrary commands. IBM X-Force ID: 211048. IBM CloudPak for Multicloud Monitoring versiones 2.0 y 2.3, presenta algunos contenedores que son ejecutados en modo privilegiado, lo que es vulnerable a un filtrado de información del host o a una destrucción si el acceso no autorizado a estos cont... • https://exchange.xforce.ibmcloud.com/vulnerabilities/211048 •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-20341
https://notcve.org/view.php?id=CVE-2021-20341
09 Mar 2021 — IBM Cloud Pak for Multicloud Management Monitoring 2.2 returns potentially sensitive information in headers which could lead to further attacks against the system. IBM X-Force ID: 194513. IBM Cloud Pak para Multicloud Management Monitoring versión 2.2, devuelve información potencialmente confidencial en encabezados que podrían conllevar a nuevos ataques contra el sistema. IBM X-Force ID: 194513 • https://exchange.xforce.ibmcloud.com/vulnerabilities/194513 •