Lucene search

IbmCVELIST:CVE-2020-4138

HistoryJul 11, 2022 - 5:05 p.m.

CVE-2020-4138

2022-07-1117:05:12

ibm

www.cve.org

ibm

siteprotector appliance

local file disclosure

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C

AI Score

5.7

Confidence

High

EPSS

Percentile

12.6%

JSON

IBM SiteProtector Appliance 3.1.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 174049.

CNA Affected

[
  {
    "product": "Security SiteProtector System",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "3.1.1"
      }
    ]
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/174049

www.ibm.com/support/pages/node/6602547

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C

AI Score

5.7

Confidence

High

EPSS

Percentile

12.6%

JSON

Related for CVELIST:CVE-2020-4138