CSRF Vulnerability in IBM Curam Social Program Management
CVE-2020-4773

6.5MEDIUM

Key Information:

Vendor: IBM
Status: Curam Spm
Vendor: CVE Published:; 12 October 2020

Summary

A CSRF vulnerability exists in IBM Curam Social Program Management versions 7.0.9 and 7.0.10, where an attacker can trick an authenticated user into executing unwanted actions within the web application. This vulnerability affects only a specific server class and does not impact other components of the web application. Organizations using these versions of IBM Curam should ensure proper security measures are in place to mitigate potential exploits.

Affected Version(s)

Curam SPM 7.0.9

Curam SPM 7.0.10

References

https://www.ibm.com/support/pages/node/6344097

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/189151

vdb-entryx_refsource_XF

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Oct 12, 2020
Vulnerability Reserved
Dec 30, 2019