IBM OpenPages with Watson has addressed an information disclosure vulnerability caused by improper validation.
CVEID:CVE-2020-4536
**DESCRIPTION:**IBM OpenPages with Watson could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.
CVSS Base score: 4.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/182907 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)
IBM OpenPages with Watson version v8.1
A fix has been created for each affected version of the named product. Download and install the fix as soon as possible. Fixes and installation instructions are provided at the URL listed below:
Fix | Download URL |
---|---|
For IBM OpenPages with Watson 8.1 | |
- Apply 8.1.0.2 or later | <https://www.ibm.com/support/pages/openpages-watson-81-fix-pack-2> |
None