3 matches found
CVE-2020-4779
A HTTP Verb Tampering vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass security access controls. IBM X-Force ID: 189156...
CVE-2020-4778
CVE-2020-4778 affects IBM Cúram Social Program Management, with vulnerable tokens hashed using MD5 in 7.0.9 and 7.0.10. Root cause: MD5 hashing of a token in a single instance, weaker than SHA-256 currently used in the app. Impact described by IBM: CVSS base score 5.9; confidentiality impact high...
CVE-2020-4779
A HTTP Verb Tampering vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass security access controls. IBM X-Force ID: 189156...