CVE-2020-4612: Medium severity ibm data risk manager vulnerability

Q: What is the vulnerability ID for this issue?

The vulnerability ID for this issue is CVE-2020-4612.

Q: What is the severity of CVE-2020-4612?

The severity of CVE-2020-4612 is medium.

Q: How can an authenticated user exploit CVE-2020-4612?

An authenticated user can exploit CVE-2020-4612 by using a specially crafted HTTP request to obtain sensitive information.

Q: Is there a patch available for IBM Data Risk Manager?

Yes, a patch is available for IBM Data Risk Manager. Please refer to the IBM support page for more information.

Q: Where can I find more information about CVE-2020-4612?

You can find more information about CVE-2020-4612 on the IBM X-Force Exchange website.

Published Sep 22, 2020

Updated

IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user to obtain sensitive information using a specially crafted HTTP request. IBM X-Force ID: 184924.

Affected Software

2 affected componentsFixes available

IBM Data Risk Manager<2.0.6.4

IBM Data Risk Manager<=2.0.6

Remediation

Patch Available

https://www.ibm.com/support/pages/node/6335281

Event History

Sep 22, 2020

CVE Published

via MITRE·01:55 PM

Data Sourced

via MITRE·01:55 PM

DescriptionSeverityWeakness

Parent advisories

This vulnerability appears in the following advisories.

IBM-6335281

Frequently Asked Questions

What is the vulnerability ID for this issue?

The vulnerability ID for this issue is CVE-2020-4612.

What is the severity of CVE-2020-4612?

The severity of CVE-2020-4612 is medium.

How can an authenticated user exploit CVE-2020-4612?