PT-2020-18241 · Ibm · Ibm Curam Social Program Management

Published

2020-10-12

·

Updated

2020-10-19

·

CVE-2020-4779

CVSS v3.1

8.1

High

VectorAV:N/A:N/PR:L/S:U/UI:N/C:H/I:H/AC:L
Name of the Vulnerable Software and Affected Versions IBM Curam Social Program Management versions 7.0.9 through 7.0.10
Description A HTTP Verb Tampering issue may allow an attacker to bypass security access controls by sending a specially-crafted request.
Recommendations For versions 7.0.9 and 7.0.10, update to a version that includes a fix for this issue to prevent exploitation.

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2020-4779

Affected Products

Ibm Curam Social Program Management