CVE-2020-4928

January 5, 2021

IBM Cloud Pak System 2.3 could allow a local privileged attacker to upload arbitrary files. By intercepting the request and modifying the file extention, the attacker could execute arbitrary code on the server. IBM X-Force ID: 191705.

Summary:

IBM Cloud Pak System 2.3 could allow a local privileged attacker to upload arbitrary files. By intercepting the request and modifying the file extention, the attacker could execute arbitrary code on the server. IBM X-Force ID: 191705.

PoC / Reference Links(if available):

https://www.ibm.com/support/pages/node/6393554

CVSSv2 and CVSSv3 Score

v2: 4.6 / MEDIUM
v3: 6.7 / MEDIUM

Links to patches(if available)

Tags: , , ,

You may have missed

hkcert

Ubuntu Linux Kernel Multiple Vulnerabilities

July 2, 2025
hkcert

Microsoft Edge Multiple Vulnerabilities

July 2, 2025
hkcert

Google Chrome Data Manipulation Vulnerability

July 2, 2025
image

CVE Alert: CVE-2025-53107

July 2, 2025
image

CVE Alert: CVE-2025-52294

July 2, 2025