CVE-2020-4159Sensitive Information Exposure in IBM Qradar Network Security

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
7.5HIGHNVD
EPSS
0.2%
top 56.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Qradar Network Security
Timeline
PublishedJul 12
Latest updateJul 13

Description

IBM QRadar Network Security 5.4.0 and 5.5.0 discloses sensitive information to unauthorized users which could be used to mount further attacks against the system. IBM X-Force ID: 174339.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

CVEListV5ibm/qradar_network_security5.4.0, 5.5.0+1
NVDibm/qradar_network_security5.4.0, 5.5.0+1

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-8qw3-p2h9-r3mq: IBM QRadar Network Security 52022-07-13
CVEList
CVE-2020-4159: IBM QRadar Network Security 52022-07-12
CVE-2020-4159 — Sensitive Information Exposure in IBM | cvebase