Information Disclosure Vulnerability in IBM Security Secret Server
CVE-2020-4842
2.7LOW
Summary
IBM Security Secret Server 10.6 contains a vulnerability that may allow remote attackers to gain access to sensitive information due to the return of detailed technical error messages in the browser. This information leakage can be leveraged by adversaries for further exploitation and attacks against the affected system. It is crucial for organizations using this product to assess their exposure and take appropriate mitigative actions.
Affected Version(s)
Security Secret Server 10.6
References
CVSS V3.1
Score:
2.7
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved