Information Exposure Risk in IBM Security Information Queue Products
CVE-2020-4164
2.7LOW
Summary
IBM Security Information Queue versions 1.0.0 to 1.0.5 may unintentionally expose sensitive information due to application errors. This could allow attackers to gather critical insights as part of a larger exploit strategy, potentially compromising the security of the affected systems. Users are encouraged to review their installations and apply security updates promptly to mitigate risks.
Affected Version(s)
Security Information Queue 1.0.0
Security Information Queue 1.0.1
Security Information Queue 1.0.2
References
CVSS V3.1
Score:
2.7
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved