CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-4625

IBM Cloud Pak for Security 1.3.0.1(CP4S) could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 34.8%

CVSS Severity

CVSS v3 Score 4.0

CVSS v2 Score 5.0

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/185360
https://www.ibm.com/support/pages/node/6372536
https://exchange.xforce.ibmcloud.com/vulnerabilities/185360
https://www.ibm.com/support/pages/node/6372536

Products affected by CVE-2020-4625

Ibm » Cloud Pak For Security » Version: 1.3.0.1

cpe:2.3:a:ibm:cloud_pak_for_security:1.3.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-4625

Products

Pricing

Contact Us