PT-2021-2356 · IBM · IBM Application Performance Management +1

Published: 2021-02-26 · Updated: 2021-03-08 · CVE-2020-4725

CVSS v2.0: 3.5 (Low)

Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions

IBM Monitoring version 8.1.4

Description

The issue exists due to inadequate protection of the web page structure in IBM Application Performance Management (APM). An attacker, acting remotely, can exploit this to impact data integrity by sending a specially crafted HTTP request. This could allow an authenticated user to modify HTML content, potentially misleading another user.

Recommendations

For version 8.1.4, consider restricting access to the APM UI to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using the APM UI for sensitive operations until the issue is resolved.

Fix

XSS

Weakness Enumeration

Related Identifiers

BDU:2021-01594
CVE-2020-4725

Affected Products

IBM Application Performance Management
IBM Monitoring