Platform System Manager in IBM Cloud Pak System 2.3 is potentially vulnerable to CVS Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 165179.

Threat-Mapped Scoring

Score: 1.8

Priority: P4 - Informational (Low)

• S9 – Sabotage of System/App

EPSS

Score: 0.0104
Percentile: 0.76487

CVSS Scoring

Mapped CWE(s)

• CWE-1236 : Improper Neutralization of Formula Elements in a CSV File

Affected Products

• cpe:2.3:a:ibm:cloud_pak_system:2.3:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:cloud_pak_system:2.3.0.1:*:*:*:*:*:*:*

← Back to Home