CVE-2020-4205
CVE-2020-4205
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5EPSS 0.5%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
19 Mar 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.8 could allow an authenticated user to bypass security restrictions, and continue to access the server even after authentication certificates have been revolked. IBM X-Force ID: 174961.
CVSS:3.0/S:U/PR:L/AC:H/AV:N/A:L/I:L/C:L/UI:N/E:U/RC:C/RL:O
Affected products
IBM · DataPower Gateway