Information Exposure in IBM Verify Gateway Version 1.0.0 and 1.0.1
CVE-2020-4405

3.1LOW

Key Information:

Vendor
IBM
Status
Verify Gateway (ivg)
Vendor
CVE Published:
27 July 2020

Summary

IBM Verify Gateway versions 1.0.0 and 1.0.1 are susceptible to information exposure. This vulnerability arises from world-readable log files that can disclose potentially sensitive data to authenticated users. It is crucial for users of affected versions to address this security issue to safeguard their information.

Affected Version(s)

Verify Gateway (IVG) 1.0.0

Verify Gateway (IVG) 1.0.1

References

https://www.ibm.com/support/pages/node/6252479
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/179484
vdb-entryx_refsource_XF

CVSS V3.1

Score:
3.1
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.