Improper Authorization in IBM Automation Workstream Services and Business Workflow Products
CVE-2020-4794

5.4MEDIUM

Key Information:

Summary

Certain IBM Automation and Business Workflow products are susceptible to a vulnerability that allows an authenticated user to potentially gain access to sensitive information or trigger a denial of service. This occurs due to inadequate authorization checks within the software, highlighting the importance of ensuring appropriate security measures are in place to protect data integrity and accessibility.

Affected Version(s)

Automation Workstream Services 19.0.3

Automation Workstream Services 20.0.1

Automation Workstream Services 20.0.2

References

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.