What is CVE-2021-20564?

CVE-2021-20564 is a medium-severity vulnerability in Ibm Cloud Pak For Security. CVSS score: 5.9/10. Published 2021-05-14.

How severe is CVE-2021-20564?

Medium severity. CVSS v3 base score is 5.9 out of 10.

Vulnerability in Ibm Cloud Pak For Security

CVE-2021-20564

IBM Cloud Pak for Security (CP4S) 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6.0.0, and 1.6.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exp…

EPSS: 0.002 (39.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.9 (Medium). Vector: CVSS:3.0/PR:N/UI:N/I:N/AC:H/AV:N/C:H/A:N/S:U/RC:C/RL:O/E:U.

Affected products

Ibm Cloud Pak For Security — versions 1.4.0.0, 1.6.0.0, 1.5.0.1

References

www.ibm.com/support/pages/node/6453115 (x_refsource_CONFIRM)
ibm-cp4s-cve202120564-info-disc (199235) (vdb-entry, x_refsource_XF)

Frequently asked questions

What is CVE-2021-20564?: CVE-2021-20564 is a medium-severity vulnerability in Ibm Cloud Pak For Security. CVSS score: 5.9/10. Published 2021-05-14.
How severe is CVE-2021-20564?: Medium severity. CVSS v3 base score is 5.9 out of 10.