Information Exposure Risk in IBM Security Information Queue Products
CVE-2020-4164

2.7LOW

Key Information:

Vendor: IBM
Status: Security Information Queue
Vendor: CVE Published:; 8 April 2020

What is CVE-2020-4164?

IBM Security Information Queue versions 1.0.0 to 1.0.5 may unintentionally expose sensitive information due to application errors. This could allow attackers to gather critical insights as part of a larger exploit strategy, potentially compromising the security of the affected systems. Users are encouraged to review their installations and apply security updates promptly to mitigate risks.

Affected Version(s)

Security Information Queue 1.0.0

Security Information Queue 1.0.1

Security Information Queue 1.0.2

References

https://www.ibm.com/support/pages/node/6172605

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/174400

vdb-entryx_refsource_XF

CVSS V3.1

Score:

2.7

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 8, 2020
Vulnerability Reserved
Dec 30, 2019