Description
IBM Cloud Pak System 2.3 and 2.3.0.1 could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server. IBM X-Force ID: 158280.
CVSS breakdown
CVSS 3.0
Scope
Changed
Availability
High
Integrity
High
Attack Complexity
Low
Attack Vector
Network
Confidentiality
High
User Interaction
Required
Privileges Required
Low
RC
Changed
RL
O
E
Unchanged
Affected products
- ibm / cloud_pak_system2.3 – 2.3
- ibm / cloud_pak_system2.2 – 2.2