CSRF Vulnerability in IBM Curam Social Program Management
CVE-2020-4773

6.5 MEDIUM

Key Information:

Vendor: IBM
Status: Vendor
CVE Published: 12 October 2020

Summary

A CSRF vulnerability exists in IBM Curam Social Program Management versions 7.0.9 and 7.0.10, where an attacker can trick an authenticated user into executing unwanted actions within the web application. This vulnerability affects only a specific server class and does not impact other components of the web application. Organizations using these versions of IBM Curam should ensure proper security measures are in place to mitigate potential exploits.

Affected Version(s)

Curam SPM 7.0.9

Curam SPM 7.0.10

CVSS V3.1

Score: 6.5
Severity: MEDIUM
Confidentiality: None
Integrity: High
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
