File Download Vulnerability in HCL Marketing Operations
CVE-2020-4125

8.1HIGH

Key Information:

Vendor: IBM
Status: "hcl Marketing Operations"
Vendor: CVE Published:; 20 July 2020

Summary

In certain versions of HCL Marketing Operations, a vulnerability allows attackers to manipulate URLs to download files from the RHEL environment. This flaw could lead to unauthorized access to sensitive information, exposing confidential data to potential exploitation. Organizations using affected versions should apply necessary patches to mitigate risks associated with this vulnerability.

Affected Version(s)

"HCL Marketing Operations" "9.1.2.4, 10.1.x, 11.1.0.x"

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_a...

x_refsource_MISC

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 20, 2020
Vulnerability Reserved
Dec 30, 2019