CVE-2020-4548Improper Input Validation in IBM Content Navigator

CWE-20Improper Input Validation3 documents3 sources
Severity
2.7LOWNVD
EPSS
0.2%
top 60.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Content Navigator
Timeline
PublishedAug 20
Latest updateMay 24

Description

IBM Content Navigator 3.0.7 and 3.0.8 is vulnerable to improper input validation. A malicious administrator could bypass the user interface and send requests to the IBM Content Navigator server with illegal characters that could be stored in the IBM Content Navigator database. IBM X-Force ID: 183316.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:NExploitability: 1.2 | Impact: 1.4

Affected Packages2 packages

CVEListV5ibm/content_navigator3.0.7, 3.0.8+1
NVDibm/content_navigator3.0.0, 3.0.7, 3.0.8+2

🔴Vulnerability Details

2
GHSA
GHSA-vr3h-fwrp-r6hg: IBM Content Navigator 32022-05-24
CVEList
CVE-2020-4548: IBM Content Navigator 32020-08-20
CVE-2020-4548 — Improper Input Validation in IBM | cvebase