CVE-2020-4687

Description

IBM Content Navigator 3.0.7 and 3.0.8 could allow an authenticated user to view cached content of another user that they should not have access to. IBM X-Force ID: 186679.

CVSS breakdown

CVSS 3.0

Privileges Required

Low

Confidentiality

Low

Scope

Unchanged

Availability

None

Attack Vector

Network

User Interaction

None

Attack Complexity

Low

Integrity

None

Changed

Unchanged

Affected products

ibm / content_navigator3.0.7 – 3.0.7
ibm / content_navigator3.0.8 – 3.0.8

References

MISChttps://www.ibm.com/support/pages/node/6262423
MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/186679