Description
IBM Cloud Pak for Automation 20.0.3, 20.0.2-IF002 stores potentially sensitive information in clear text in API connection log files. This information could be obtained by a user with permissions to read log files. IBM X-Force ID: 194965.
CVSS breakdown
CVSS 3.0
Privileges Required
Low
Integrity
None
Attack Vector
Network
Availability
None
Attack Complexity
Low
User Interaction
None
Confidentiality
High
Scope
Unchanged
E
Unchanged
RL
O
RC
Changed
Affected products
- ibm / Cloud Pak for Automation20.0.2.IF002 – 20.0.2.IF002
- ibm / Cloud Pak for Automation20.0.3 – 20.0.3