CVE-2020-4617: CSRF

Q: What is the severity of CVE-2020-4617?

CVE-2020-4617 is categorized as a moderate severity vulnerability due to its ability to allow cross-site request forgery.

Q: How do I fix CVE-2020-4617?

To fix CVE-2020-4617, upgrade your IBM Data Risk Manager to version 2.0.6.4 or later.

Q: What software versions are affected by CVE-2020-4617?

CVE-2020-4617 affects IBM Data Risk Manager versions up to 2.0.6.

Q: What type of vulnerability is CVE-2020-4617?

CVE-2020-4617 is a cross-site request forgery vulnerability.

Q: Can CVE-2020-4617 impact all users of IBM Data Risk Manager?

Yes, CVE-2020-4617 can potentially impact any users of the affected versions of IBM Data Risk Manager if exploited.

Published Sep 22, 2020

Updated

IBM Data Risk Manager (iDNA) 2.0.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 184930.

Affected Software

2 affected componentsFixes available

IBM Data Risk Manager<2.0.6.4

IBM Data Risk Manager<=2.0.6

Remediation

Patch Available

https://www.ibm.com/support/pages/node/6335281

Event History

Sep 22, 2020

CVE Published

via MITRE·01:55 PM

Data Sourced

via MITRE·01:55 PM

DescriptionSeverityWeakness

Parent advisories

This vulnerability appears in the following advisories.

IBM-6335281

Frequently Asked Questions

What is the severity of CVE-2020-4617?

CVE-2020-4617 is categorized as a moderate severity vulnerability due to its ability to allow cross-site request forgery.

How do I fix CVE-2020-4617?

To fix CVE-2020-4617, upgrade your IBM Data Risk Manager to version 2.0.6.4 or later.

What software versions are affected by CVE-2020-4617?