Lucene search
IBM8CD104CC03659AA73DB55F4D4A3AB8D124754E2A0C2E617E0DC8373963C0C3E4HistoryJan 31, 2020 - 4:44 p.m.
Security Bulletin: Information Disclosure in IBM StoredIQ (CVE-2020-4224)
2020-01-3116:44:14
www.ibm.com
9
0.0004 Low
EPSS
Percentile
5.1%
Summary
IBM StoredIQ has addressed the following information disclosure vulnerability.
Vulnerability Details
CVEID:CVE-2020-4224
**DESCRIPTION:**IBM StoredIQ could disclose sensitive information to a local user due to data in certain directories not being encrypted when it contained symbolic links.
CVSS Base score: 2.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/175133 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| StoredIQ | 7.6.0.17 - 7.6.0.20 |
Remediation/Fixes
| Product | VRMF | Remediation / First Fix |
|---|---|---|
| IBM StoredIQ | 7.6.0.17 - 7.6.0.20 | Upgrade to fix pack 7.6.0.20 and apply Interim Fix 1 that is available from Fix Central <https://www.ibm.com/support/fixcentral/> |
Workarounds and Mitigations
None
Related
cvelist
cvelist
CVE-2020-4224
2020-01-31 00:00:00
cve
cve
CVE-2020-4224
2020-02-03 17:15:15
nvd
nvd
CVE-2020-4224
2020-02-03 17:15:15
prion
prion
Information disclosure
2020-02-03 17:15:00
0.0004 Low
EPSS
Percentile
5.1%
Related for 8CD104CC03659AA73DB55F4D4A3AB8D124754E2A0C2E617E0DC8373963C0C3E4