CVE-2020-13462

Name of the Vulnerable Software and Affected Versions Tufin SecureChange versions prior to R20-2 GA

Description An Insecure Direct Object Reference (IDOR) issue exists, which can be exploited. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited.

Recommendations For versions prior to R20-2 GA, update to version R20-2 GA or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive objects that could be manipulated through the IDOR vulnerability until a patch is applied.