Local File Storage Vulnerability in IBM Tivoli Business Service Manager
CVE-2020-4344

4MEDIUM

Key Information:

Vendor: IBM
Status: Tivoli Business Service Manager
Vendor: CVE Published:; 15 September 2020

What is CVE-2020-4344?

The vulnerability in IBM Tivoli Business Service Manager versions 6.2.0.0 to 6.2.0.2 IF 1 allows web pages to be stored on the local system, with the potential for unauthorized access by other users. This can lead to sensitive information exposure, creating security risks for organizations utilizing this software. Proper awareness and timely updates are essential to mitigate these concerns.

Affected Version(s)

Tivoli Business Service Manager 6.2.0.0

Tivoli Business Service Manager 6.2.0.2.IF.1

References

https://www.ibm.com/support/pages/node/6332437

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/178247

vdb-entryx_refsource_XF

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 15, 2020
Vulnerability Reserved
Dec 30, 2019