Local File Reading Vulnerability in IBM Application Performance Monitoring UI
CVE-2020-4726

4MEDIUM

Key Information:

Vendor
IBM
Status
Vendor
CVE Published:
2 March 2021

Summary

The IBM Application Performance Monitoring UI in version 8.1.4 has a vulnerability that allows web pages to be stored locally. This can enable unauthorized users on the same system to read files that should remain isolated. This could potentially lead to exposure of sensitive information, impacting the overall security of the application environment. Organizations using this version should assess their systems for any potential risks linked to this behavior.

Affected Version(s)

Cloud APM 8.1.4

References

CVSS V3.1

Score:
4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.