CVE-2020-4548: Input Validation
First published: Wed Aug 19 2020(Updated: )
IBM Content Navigator is vulnerable to improper input validation. A malicious administrator could bypass the user interface and send requests to the IBM Content Navigator server with illegal characters that could be stored in the IBM Content Navigator database.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Content Navigator | <=3.0CD | |
| IBM Content Navigator | =3.0.0 | |
| IBM Content Navigator | =3.0.7 | |
| IBM Content Navigator | =3.0.8 | |
| IBM AIX | ||
| Linux Linux kernel | ||
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2020-4548.
What is the severity rating of CVE-2020-4548?
The severity rating of CVE-2020-4548 is 4.3 (Medium).
Which software versions are affected by CVE-2020-4548?
IBM Content Navigator versions 3.0.7 and 3.0.8 are affected by CVE-2020-4548.
What is the potential impact of this vulnerability?
A malicious administrator could bypass the user interface and send requests with illegal characters that may be stored in the database.
Are IBM AIX, Linux kernel, and Microsoft Windows affected by this vulnerability?
No, IBM AIX, Linux kernel, and Microsoft Windows are not affected by this vulnerability.
- collector/ibm-support
- collector/nvd-index
- vendor/ibm
- canonical/ibm content navigator
- version/ibm content navigator/3.0cd
- version/ibm content navigator/3.0.0
- version/ibm content navigator/3.0.7
- version/ibm content navigator/3.0.8
- canonical/ibm aix
- vendor/linux
- canonical/linux linux kernel
- vendor/microsoft
- canonical/microsoft windows