CVE-2020-4695

5.9MEDIUM

Key Information:

Vendor: IBM
Status: Api Connect
Vendor: CVE Published:; 8 March 2021

Summary

IBM API Connect V10 is impacted by insecure communications during database replication. As the data replication happens over insecure communication channels, an attacker can view unencrypted data leading to a loss of confidentiality.

Affected Version(s)

API Connect 10.0.0.0

API Connect 10.0.1.0

References

https://www.ibm.com/support/pages/node/6426707

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/186788

vdb-entryx_refsource_XF

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 8, 2021
Vulnerability Reserved
Dec 30, 2019