CVE-2020-4171Insecure Storage of Sensitive Information in IBM Security Guardium Insights

CWE-922Insecure Storage of Sensitive InformationCWE-200Sensitive Information Exposure3 documents3 sources
Severity
4.3MEDIUMNVD
EPSS
0.1%
top 66.50%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Security Guardium Insights
Timeline
PublishedAug 27
Latest updateMay 24

Description

IBM Security Guardium Insights 2.0.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 174407.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-9hmp-4mxf-3h8j: IBM Security Guardium Insights 22022-05-24
CVEList
CVE-2020-4171: IBM Security Guardium Insights 22020-08-27
CVE-2020-4171 — IBM vulnerability | cvebase