Improper Input Validation in IBM Content Navigator by IBM
CVE-2020-4548

4.3MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
20 August 2020

Summary

IBM Content Navigator versions 3.0.7 and 3.0.8 are susceptible to an issue with improper input validation. A malicious administrator could exploit this vulnerability to bypass the user interface, allowing them to send requests containing illegal characters directly to the server. These characters could be improperly stored in the IBM Content Navigator database, creating significant security risks. Organizations using these versions are advised to remediate the vulnerability to ensure the integrity of their data.

Affected Version(s)

Content Navigator 3.0.7

Content Navigator 3.0.8

References

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.