Volerion logoVolerion
Volerion logoVolerion

IBM Cloud Pak System Sensitive Information Disclosure Vulnerability

Vulnerability

A vulnerability exists in IBM Cloud Pak System versions 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.3.7, and 2.3.3.7 iFix1. This vulnerability could allow the disclosure of sensitive information in HTTP responses, which could be leveraged for further attacks against the system.

Impact

Exploitation of this vulnerability could lead to the unauthorized disclosure of sensitive information, potentially facilitating additional attacks against the system.

Remediation

Users are advised to upgrade to IBM Cloud Pak System v2.3.4.0 for Intel or v2.3.5.0 for Power. Instructions for downloading these versions are available on IBM Fix Central. For unsupported versions, upgrade to a supported version of the product.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread
1.4
impact
2.5
exploitability
7.0
remediation
7.7
relevance
0.0
threat
0.0
urgency
2.9
incentive
5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.