CVE-2020-4725 MEDIUM

CVE-2020-4725

Vendor Ibm
Product Cloud APM
Published March 2, 2021
Last update September 17, 2024

CVSS base score

4.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.0/UI:N/I:L/AV:N/PR:L/S:U/A:N/AC:L/C:N/RL:O/E:U/RC:C

What the vulnerability does

01Description

IBM Monitoring (IBM Cloud APM 8.1.4 ) could allow an authenticated user to modify HTML content by sending a specially crafted HTTP request to the APM UI, which could mislead another user. IBM X-Force ID: 187974.

Key dates

02Disclosure timeline

March 2, 2021 CVE published
September 17, 2024 Record updated