Information Disclosure in IBM Verify Gateway from IBM
CVE-2020-4369

5.1MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
22 July 2020

Summary

IBM Verify Gateway versions 1.0.0 and 1.0.1 are susceptible to an information disclosure vulnerability. The software stores highly sensitive information in cleartext, making it accessible to unauthorized users. This could lead to potential security breaches and compromises in user data. It is essential for organizations utilizing affected versions to implement security measures to protect sensitive information.

Affected Version(s)

Verify Gateway (IVG) 1.0.0

Verify Gateway (IVG) 1.0.1

References

CVSS V3.1

Score:
5.1
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.