What is the vulnerability ID for this vulnerability?

The vulnerability ID for this vulnerability is CVE-2020-4548.

What is the severity rating of CVE-2020-4548?

The severity rating of CVE-2020-4548 is 4.3 (Medium).

Which software versions are affected by CVE-2020-4548?

IBM Content Navigator versions 3.0.7 and 3.0.8 are affected by CVE-2020-4548.

What is the potential impact of this vulnerability?

A malicious administrator could bypass the user interface and send requests with illegal characters that may be stored in the database.

Are IBM AIX, Linux kernel, and Microsoft Windows affected by this vulnerability?

No, IBM AIX, Linux kernel, and Microsoft Windows are not affected by this vulnerability.

Vulnerability/
CVE-2020-4548

medium

4.3

CWE

19/8/2020

20/8/2020

16/9/2024

CVE-2020-4548: Input Validation

First published: Wed Aug 19 2020(Updated: )

IBM Content Navigator 3.0.7 and 3.0.8 is vulnerable to improper input validation. A malicious administrator could bypass the user interface and send requests to the IBM Content Navigator server with illegal characters that could be stored in the IBM Content Navigator database. IBM X-Force ID: 183316.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM Content Navigator	<=3.0CD
IBM Content Navigator	=3.0.0
IBM Content Navigator	=3.0.7
IBM Content Navigator	=3.0.8
IBM AIX
Linux Linux kernel
Microsoft Windows

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

IBM-6262411

Frequently Asked Questions

What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2020-4548.
What is the severity rating of CVE-2020-4548?
The severity rating of CVE-2020-4548 is 4.3 (Medium).
Which software versions are affected by CVE-2020-4548?
IBM Content Navigator versions 3.0.7 and 3.0.8 are affected by CVE-2020-4548.
What is the potential impact of this vulnerability?
A malicious administrator could bypass the user interface and send requests with illegal characters that may be stored in the database.
Are IBM AIX, Linux kernel, and Microsoft Windows affected by this vulnerability?
No, IBM AIX, Linux kernel, and Microsoft Windows are not affected by this vulnerability.

collector/nvd-index
agent/references
agent/type
agent/first-publish-date
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/last-modified-date
agent/author
agent/weakness
agent/description
agent/tags
agent/event
collector/ibm-support
source/IBM
agent/software-canonical-lookup
vendor/ibm
canonical/ibm content navigator
version/ibm content navigator/3.0.0
version/ibm content navigator/3.0.7
version/ibm content navigator/3.0.8
canonical/ibm aix
vendor/linux
canonical/linux linux kernel
vendor/microsoft
canonical/microsoft windows
version/ibm content navigator/3.0cd

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.