PT-2020-18215 · Ibm · Ibm Security Trusteer Pinpoint Detect

Ismail Melih Tas

Published

2020-09-16

Updated

2021-07-21

CVE-2020-4708

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions IBM Security Trusteer Pinpoint Detect version 11.6.5

Description The issue could disclose some information due to the use of a wildcard in the Access-Control-Allow-Origin header.

Recommendations For IBM Security Trusteer Pinpoint Detect version 11.6.5, consider restricting access to sensitive information until a fix is available. As a temporary workaround, review and modify the Access-Control-Allow-Origin header configuration to avoid using wildcards and only allow specific origins that are trusted.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-4708

Affected Products

Ibm Security Trusteer Pinpoint Detect

PT-2020-18215 · Ibm · Ibm Security Trusteer Pinpoint Detect

CVE-2020-4708

Related Identifiers

Affected Products

References · 4