Lucene search
IBMB587C4A244CD720D63021D2D764EF04E2A53C9B10C139C60B4ADB3647EFE3B74HistoryOct 06, 2021 - 12:30 p.m.
Security Bulletin: IBM Security Guardium Insights is affected by a Cross-Site Request Forgery vulnerability (CVE-2020-4170)
2021-10-0612:30:35
www.ibm.com
8
0.001 Low
EPSS
Percentile
20.5%
Summary
IBM Security Guardium Insights has addressed the following vulnerability.
Vulnerability Details
CVEID:CVE-2020-4170
**DESCRIPTION:**IBM Guardium Activity Insights is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
CVSS Base score: 4.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/174406 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| Initial Release | 2.0.1 |
Remediation/Fixes
Product
|
VRMF
|
Remediation / First Fix
—|—|—
IBM Security Guardium Insights| 2.0.1| https://www.ibm.com/software/passportadvantage/?mhsrc=ibmsearch_a&mhq=pasport%20advantage
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm security guardium insights | eq | 10.6 | |
| ibm security guardium insights | eq | 11.0 |
Related
cvelist
cvelist
CVE-2020-4170
2020-08-21 00:00:00
prion
prion
Cross site request forgery (csrf)
2020-08-24 16:15:00
cve
cve
CVE-2020-4170
2020-08-24 16:15:10
nvd
nvd
CVE-2020-4170
2020-08-24 16:15:10
0.001 Low
EPSS
Percentile
20.5%
Related for B587C4A244CD720D63021D2D764EF04E2A53C9B10C139C60B4ADB3647EFE3B74