Local File Inclusion in IBM SiteProtector Appliance
CVE-2020-4138

4MEDIUM

Key Information:

Vendor

IBM
Status
Security Siteprotector System
Vendor
CVE Published:
11 July 2022

What is CVE-2020-4138?

A local file inclusion vulnerability exists in IBM SiteProtector Appliance version 3.1.1, allowing web pages to be saved locally. This data can potentially be accessed by unauthorized users on the same system, posing a security risk. It is crucial for organizations using this software to implement necessary safeguards to prevent unauthorized access to sensitive information stored on the appliance.

Affected Version(s)

Security SiteProtector System 3.1.1

References

https://www.ibm.com/support/pages/node/6602547
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/174049
vdb-entryx_refsource_XF

CVSS V3.1

Score:
4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.