CNNVD-202602-577 Information

CNNVD ID

CNNVD-202602-577

Related CVE

CVE-2023-38017

• CNNVD Published: 2026-02-04

Description (Chinese)

IBM Cloud Pak System是美国国际商业机器（IBM）公司的一套具有可配置、预集成软件的全栈、融合基础架构。该产品支持跨混合云部署、管理和移动应用程序环境。 IBM Cloud Pak System存在安全漏洞，该漏洞源于容易受到跨站脚本攻击，可能允许用户在Web UI中嵌入任意JavaScript代码，从而导致凭据泄露。

Description (English)

IBM Cloud Pak Systems is a fully configured, pre-integrated software, integrated infrastructure for the United States International Business Machine (IBM). The product supports a cross-mixed cloud deployment, management and mobile application environment. IBM Cloud Pak System has a security loophole, which stems from its vulnerability to cross-site script attacks, and may allow users to embed any JavaScript code in Web UI, leading to the disclosure of evidence.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

国际商业机器

Published

2026-02-04

Last Modified

2026-02-24

References

https://www.ibm.com/support/pages/node/7254419

Patch

https://www.ibm.com/support/pages/node/7254419