CVE-2020-4624 LOW

CVE-2020-4624

Vendor Ibm
Product Cloud Pak for Security
Published November 30, 2020
Last update September 17, 2024

CVSS base score

3.7/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.0/UI:N/A:N/PR:N/I:N/AC:H/S:U/C:L/AV:N/RL:O/RC:C/E:U

What the vulnerability does

01Description

IBM Cloud Pak for Security 1.3.0.1 (CP4S) uses weaker than expected cryptographic algorithms during negotiation could allow an attacker to decrypt sensitive information.

Key dates

02Disclosure timeline

November 30, 2020 CVE published
September 17, 2024 Record updated