How severe is CVE-2021-20359?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Vulnerability in Ibm Cloud Pak For Automation

CVE-2021-20359

IBM Cloud Pak for Automation 20.0.3, 20.0.2-IF002 - Business Automation Application Designer Component stores potentially sensitive information in log files that could be obtained by an unauthorized user. IBM X-Force ID: 194966.

EPSS: 0.002 (46.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.0/UI:N/AC:L/C:H/S:U/PR:L/I:N/A:N/AV:N/E:U/RL:O/RC:C.

Affected products

Ibm Cloud Pak For Automation — versions 20.0.2.IF002, 20.0.3

References

www.ibm.com/support/pages/node/6412345 (x_refsource_CONFIRM)
ibm-icp4a-cve202120359-info-disc (194966) (vdb-entry, x_refsource_XF)

Frequently asked questions

What is CVE-2021-20359?: CVE-2021-20359 is a medium-severity vulnerability in Ibm Cloud Pak For Automation. CVSS score: 6.5/10. Published 2021-02-08.
How severe is CVE-2021-20359?: Medium severity. CVSS v3 base score is 6.5 out of 10.