cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-43191,https://securityvulnerability.io/vulnerability/CVE-2024-43191,Specially Crafted YAML File Can Bypass Security Measures in IBM ManageIQ,"IBM ManageIQ is susceptible to a remote command execution vulnerability that arises when an attacker with authenticated access crafts a malicious YAML file request. This manipulation could potentially allow unauthorized execution of arbitrary commands on the system, leading to further exploitation. Users of IBM ManageIQ are advised to review their configurations and ensure proper security measures are implemented to mitigate potential threats.",IBM,Cloud Pak For Multicloud Management,7.2,HIGH,0.0005000000237487257,false,,false,false,false,,,false,false,,2024-09-26T15:07:48.440Z,0
CVE-2023-46175,https://securityvulnerability.io/vulnerability/CVE-2023-46175,IBM Cloud Pak for Multicloud Management Stores User Credentials in Plain Text,IBM Cloud Pak for Multicloud Management 2.3 through 2.3 FP8 stores user credentials in a log file plain clear text which can be read by a privileged user.,IBM,Cloud Pak For Multicloud Management,4.4,MEDIUM,0.0004900000058114529,false,,false,false,false,,,false,false,,2024-09-26T13:24:16.129Z,0
CVE-2022-42438,https://securityvulnerability.io/vulnerability/CVE-2022-42438,IBM Cloud Pak for Multicloud Management Monitoring privilege escalation,"An access control vulnerability in IBM Cloud Pak for Multicloud Management versions 2.0 and 2.3 allows unauthorized users to access administrative functionalities by manipulating URL paths. This flaw may lead to significant security risks as users without appropriate permissions could perform sensitive tasks, potentially compromising the integrity and management of the cloud environment.",IBM,Cloud Pak For Multicloud Management Monitoring,7.5,HIGH,0.0009200000204145908,false,,false,false,false,,,false,false,,2023-02-08T18:59:02.733Z,0
CVE-2021-38941,https://securityvulnerability.io/vulnerability/CVE-2021-38941,Privileged Mode Vulnerability in IBM CloudPak for Multicloud Monitoring,"The IBM CloudPak for Multicloud Monitoring versions 2.0 and 2.3 are exposed to a security risk due to the presence of several containers operating in privileged mode. This issue can lead to host information leakage or potential destruction if unauthorized access is obtained, enabling attackers to execute arbitrary commands within the vulnerable containers. Organizations using this product are urged to review their security configurations and implement necessary updates to mitigate these risks.",IBM,Cloud Pak For Multicloud Management Monitoring,5.3,MEDIUM,0.0005499999970197678,false,,false,false,false,,,false,false,,2022-06-30T17:15:00.000Z,0
CVE-2020-4765,https://securityvulnerability.io/vulnerability/CVE-2020-4765,,IBM Cloud Pak for Multicloud Management prior to 2.3 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 188902.,IBM,Cloud Pak For Multicloud Management,4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-05-19T20:15:00.000Z,0
CVE-2021-20341,https://securityvulnerability.io/vulnerability/CVE-2021-20341,,IBM Cloud Pak for Multicloud Management Monitoring 2.2 returns potentially sensitive information in headers which could lead to further attacks against the system. IBM X-Force ID: 194513.,IBM,Cloud Pak For Multicloud Management Monitoring,5.3,MEDIUM,0.0006399999838322401,false,,false,false,false,,,false,false,,2021-03-09T15:15:00.000Z,0