PT-2020-18175 · Ibm · Ibm Infosphere Metadata Asset Manager

Elusivefox

Published

2020-09-04

Updated

2020-09-09

CVE-2020-4632

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions IBM InfoSphere Metadata Asset Manager version 11.7

Description The issue allows a remote authenticated attacker to exploit server-side request forgery by sending a specially crafted request, potentially submitting or controlling server requests.

Recommendations For IBM InfoSphere Metadata Asset Manager version 11.7, update to a version that includes a fix for this issue, as no specific workaround is provided in the available data.

Fix

SSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-918

Related Identifiers

CVE-2020-4632

Affected Products

Ibm Infosphere Metadata Asset Manager

PT-2020-18175 · Ibm · Ibm Infosphere Metadata Asset Manager

CVE-2020-4632

Weakness Enumeration

Related Identifiers

Affected Products

References · 4