Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
IBM Cloud Pak for Business Automation server-side request forgery
Vulnerability Description
IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, 22.0.2, 23.0.1, and 23.0.2 vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 288178.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
服务端请求伪造(SSRF)
Vulnerability Title
IBM Cloud Pak for Business Automation 代码问题漏洞
Vulnerability Description
IBM Cloud Pak for Business Automation是美国国际商业机器(IBM)公司的一组模块化的集成软件组件,专为任何混合云而构建,旨在实现工作自动化和加速业务增长。 IBM Cloud Pak for Business Automation存在代码问题漏洞,该漏洞源于容易受到服务端请求伪造攻击。攻击者可能导致网络枚举或助长其他攻击。以下版本受到影响:18.0.0、18.0.1、18.0.2、19.0.1、19.0.2、19.0.3、20.0.1、20.0.2、20.0.3、21.
CVSS Information
N/A
Vulnerability Type
N/A