Cross-Site Request Forgery Vulnerability in IBM Cloud Pak System
CVE-2020-4917
4.3MEDIUM
Summary
IBM Cloud Pak System 2.3 contains a vulnerability that enables cross-site request forgery (CSRF), allowing attackers to perform unauthorized actions on behalf of trusted users. This type of vulnerability exploits the trust a system has in a user's browser, potentially leading to significant security breaches. Organizations using this version should take immediate action to mitigate the risks involved.
Affected Version(s)
Cloud Pak System 2.3
References
CVSS V3.1
Score:
4.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved