CVE-2020-4599: Medium severity ibm security guardium insights vulnerability

Q: What is CVE-2020-4599?

CVE-2020-4599 is a vulnerability in IBM Security Guardium Insights 2.0.2.

Q: What can a remote attacker do with CVE-2020-4599?

A remote attacker can obtain sensitive information when a detailed technical error message is returned in the browser.

Q: How does CVE-2020-4599 affect IBM Security Guardium Insights?

CVE-2020-4599 allows a remote attacker to obtain sensitive information in IBM Security Guardium Insights.

Q: What is the severity of CVE-2020-4599?

The severity of CVE-2020-4599 is medium with a CVSS score of 5.3.

Q: How can I fix CVE-2020-4599?

To fix CVE-2020-4599, update to a version of IBM Security Guardium Insights that is not vulnerable, such as version 2.0.3 or later.

Published Jan 12, 2021

Updated

IBM Security Guardium Insights 2.0.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 184824.

Other sources

IBM Security Guardium Insights could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.

Affected Software

3 affected componentsFixes available

IBM Security Guardium Insights<=2.0.2

IBM Security Guardium Insights=2.0.2

Linux Linux kernel

Remediation

Patch Available

https://www.ibm.com/support/pages/node/6403463

Event History

Jan 12, 2021

CVE Published

via IBM·12:00 AM

Jan 13, 2021

CVE Published

via MITRE·06:10 PM

Data Sourced

via MITRE·06:10 PM

DescriptionSeverityWeakness

Parent advisories

This vulnerability appears in the following advisories.

IBM-6403463

Frequently Asked Questions

What is CVE-2020-4599?

CVE-2020-4599 is a vulnerability in IBM Security Guardium Insights 2.0.2.

What can a remote attacker do with CVE-2020-4599?