CVE-2020-4843
First published: Mon Dec 21 2020(Updated: )
IBM Security Secret Server 10.6 stores potentially sensitive information in config files that could be read by an authenticated user. IBM X-Force ID: 190048.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Security Secret Server | =10.6 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for IBM Security Secret Server 10.6?
The vulnerability ID for IBM Security Secret Server 10.6 is CVE-2020-4843.
What is the severity rating of CVE-2020-4843?
CVE-2020-4843 has a severity rating of 4.3 (medium).
What is the impact of the vulnerability in IBM Security Secret Server 10.6?
The vulnerability in IBM Security Secret Server 10.6 allows an authenticated user to read potentially sensitive information.
How can an authenticated user exploit the vulnerability in IBM Security Secret Server 10.6?
An authenticated user can exploit the vulnerability in IBM Security Secret Server 10.6 by reading the sensitive information stored in config files.
Is IBM Security Secret Server 10.6 the only affected software?
No, IBM Security Secret Server 10.6 is the affected software, and it runs on Microsoft Windows.
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/author
- agent/weakness
- agent/remedy
- agent/tags
- agent/first-publish-date
- agent/event
- agent/description
- vendor/ibm
- canonical/ibm security secret server
- version/ibm security secret server/10.6
- vendor/microsoft
- canonical/microsoft windows