Information Disclosure in IBM Verify Gateway from IBM
CVE-2020-4369
5.1MEDIUM
Summary
IBM Verify Gateway versions 1.0.0 and 1.0.1 are susceptible to an information disclosure vulnerability. The software stores highly sensitive information in cleartext, making it accessible to unauthorized users. This could lead to potential security breaches and compromises in user data. It is essential for organizations utilizing affected versions to implement security measures to protect sensitive information.
Affected Version(s)
Verify Gateway (IVG) 1.0.0
Verify Gateway (IVG) 1.0.1
References
CVSS V3.1
Score:
5.1
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved