Cross-Site Scripting Vulnerability in IBM Intelligent Operations Center Products
CVE-2020-4317

5.4MEDIUM

Summary

IBM Intelligent Operations Center products are susceptible to a Cross-Site Scripting vulnerability that permits attackers to inject arbitrary JavaScript into the Web UI. This issue can lead to altered functionality, jeopardizing user sessions and potentially exposing sensitive credentials during trusted interactions.

Affected Version(s)

Intelligent Operations Center 5.1.0

Intelligent Operations Center 5.1.0.2

Intelligent Operations Center 5.1.0.3

References

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.