Improper Authentication in IBM Event Streams 10.0.0
CVE-2020-4662

6.5MEDIUM

Key Information:

Vendor: IBM
Status: Event Streams
Vendor: CVE Published:; 14 August 2020

What is CVE-2020-4662?

IBM Event Streams version 10.0.0 contains a vulnerability that enables authenticated users to execute unauthorized tasks on a schema due to a flaw in authentication validation. This could potentially allow users to alter or manipulate critical aspects of the event streaming service, posing significant risks to data integrity and system operations.

Affected Version(s)

Event Streams 10.0.0

References

https://www.ibm.com/support/pages/node/6259393

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/186233

vdb-entryx_refsource_XF

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 14, 2020
Vulnerability Reserved
Dec 30, 2019