Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBMB32170FFF285450407F92413C0A07773ACE80E126493E67B73280F5B62066789
HistoryJun 08, 2021 - 9:52 p.m.

Security Bulletin: Potential exposure of sensitive data in IBM DataPower Gateway (CVE-2020-4203)

2021-06-0821:52:38
www.ibm.com
9

0.001 Low

EPSS

Percentile

31.2%

JSON

Summary

IBM DataPower Gateway could permit privileged users to view certain internal directories. IBM has addressed the CVE.

Vulnerability Details

CVEID:CVE-2020-4203
**DESCRIPTION:**IBM DataPower Gateway could potentially disclose highly sensitive information to a privileged user due to improper access controls.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/174956 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N)

Affected Products and Versions

Affected Product(s) Version(s)
IBM DataPower Gateway 2018.4.1.0-2018.4.1.9

Remediation/Fixes

Affected Product(s) Version(s) APAR
IBM DataPower Gateway 2018.4.1.10 IT31083

Workarounds and Mitigations

None

CPENameOperatorVersion
ibm datapower gatewayeq2018.4.1

Related

cve 1
cvelist 1
prion 1
nvd 1
ibm 1
cve
cve
CVE-2020-4203
2020-03-19 14:15:12
cvelist
cvelist
CVE-2020-4203
2020-03-18 00:00:00
prion
prion
Improper access control
2020-03-19 14:15:00
nvd
nvd
CVE-2020-4203
2020-03-19 14:15:12
ibm
ibm
Security Bulletin: Multiple vulnerabilities in IBM MQ Appliance (CVE-2020-4025 and CVE-2020-4203)
2020-07-23 21:30:57

0.001 Low

EPSS

Percentile

31.2%

JSON
Related for B32170FFF285450407F92413C0A07773ACE80E126493E67B73280F5B62066789
cve1cvelist1prion1nvd1ibm1