CVE-2020-4811 LOW

CVE-2020-4811

Vendor Ibm
Product Cloud Pak for Security
Published May 14, 2021
Last update September 17, 2024

CVSS base score

2.4/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction Required
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.0/AV:N/A:N/C:N/S:U/PR:H/UI:R/I:L/AC:L/E:U/RL:O/RC:C

What the vulnerability does

01Description

IBM Cloud Pak for Security (CP4S) 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6.0.0, and 1.6.0.1 could allow a privileged user to inject inject malicious data using a specially crafted HTTP request due to improper input validation.

Key dates

02Disclosure timeline

May 14, 2021 CVE published
September 17, 2024 Record updated