Spoofing Vulnerability in IBM Security Information Queue
CVE-2020-4290
4.2MEDIUM
Summary
A spoofing vulnerability in IBM Security Information Queue allows any authenticated user to impersonate the configuration owner of another user. This can lead to unauthorized access to sensitive information and may compromise the security of the affected system. Users on versions 1.0.0 through 1.0.5 are particularly at risk, making it essential to implement patches and updates to protect against potential exploits.
Affected Version(s)
Security Information Queue 1.0.0
Security Information Queue 1.0.1
Security Information Queue 1.0.2
References
CVSS V3.1
Score:
4.2
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved