Improper Authorization in IBM Automation Workstream Services and Business Workflow Products
CVE-2020-4794
5.4MEDIUM
Key Information:
- Vendor
- IBM
- Vendor
- CVE Published:
- 21 December 2020
Summary
Certain IBM Automation and Business Workflow products are susceptible to a vulnerability that allows an authenticated user to potentially gain access to sensitive information or trigger a denial of service. This occurs due to inadequate authorization checks within the software, highlighting the importance of ensuring appropriate security measures are in place to protect data integrity and accessibility.
Affected Version(s)
Automation Workstream Services 19.0.3
Automation Workstream Services 20.0.1
Automation Workstream Services 20.0.2
References
CVSS V3.1
Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved