Remote Code Execution Vulnerability in IBM Resilient SOAR
CVE-2020-4633
6.8MEDIUM
Summary
IBM Resilient SOAR V38.0 is susceptible to a vulnerability that allows remote code execution due to improper input validation, which facilitates formula injection. This flaw exposes the system to potential exploits by enabling unauthorized users to execute arbitrary code, potentially compromising the integrity and security of the application. It is crucial for organizations using this version to apply security measures and updates to mitigate the risks associated with this vulnerability.
Affected Version(s)
Resilient 38
References
CVSS V3.1
Score:
6.8
Severity:
MEDIUM
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved