Lucene search
IbmCVELIST:CVE-2020-4919HistoryJan 04, 2021 - 2:00 p.m.
CVE-2020-4919
2021-01-0414:00:38
ibm
www.cve.org
4
ibm
cloud pak
logout control
authenticated user
impersonate
x-force id 191395
CVSS3
4.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C
AI Score
3.8
Confidence
High
EPSS
0.001
Percentile
19.6%
IBM Cloud Pak System 2.3 has insufficient logout controls which could allow an authenticated privileged user to impersonate another user on the system. IBM X-Force ID: 191395.
CNA Affected
[
{
"product": "Cloud Pak System",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "2.3"
}
]
}
]Related
nvd
nvd
CVE-2020-4919
2021-01-04 14:15:14
prion
prion
Design/Logic Flaw
2021-01-04 14:15:00
cve
cve
CVE-2020-4919
2021-01-04 14:15:14
ibm
ibm
CVSS3
4.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C
AI Score
3.8
Confidence
High
EPSS
0.001
Percentile
19.6%
Related for CVELIST:CVE-2020-4919