CVE-2020-4309: Infoleak
First published: Tue Mar 24 2020(Updated: )
IBM Content Navigator could disclose sensitive information to an unauthenticated user which could be used to aid in further attacks against the system.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Content Navigator | <=3.0CD | |
| IBM Content Navigator | =3.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is IBM Content Navigator?
IBM Content Navigator is a web-based tool that provides a unified, customizable interface for accessing and working with content from various repositories.
What is the vulnerability CVE-2020-4309?
CVE-2020-4309 is a vulnerability in IBM Content Navigator 3.0CD that could allow an unauthenticated user to access sensitive information and potentially launch further attacks against the system.
How does the vulnerability affect IBM Content Navigator?
The vulnerability in IBM Content Navigator allows an unauthenticated user to access sensitive information, which could be used for further attacks against the system.
What is the severity of CVE-2020-4309?
The severity of CVE-2020-4309 is medium, with a CVSS severity score of 5.3.
How can I mitigate the vulnerability in IBM Content Navigator?
IBM has released a fix for the vulnerability, and users should update to the latest version of IBM Content Navigator (3.0.1 or higher) to mitigate the risk.
- collector/ibm-support
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- vendor/ibm
- canonical/ibm content navigator
- version/ibm content navigator/3.0cd
- version/ibm content navigator/3.0.0