Information Disclosure in IBM Content Navigator by IBM
CVE-2020-4687

4.3MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
20 August 2020

Summary

IBM Content Navigator versions 3.0.7 and 3.0.8 are susceptible to a vulnerability that allows authenticated users to access cached content that belongs to other users. This could lead to unauthorized viewing of sensitive information that is not intended for them, posing a risk to user privacy and data security.

Affected Version(s)

Content Navigator 3.0.7

Content Navigator 3.0.8

References

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.