CVE-2020-4397
CVE-2020-4397
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.8EPSS 0.6%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
22 Jul 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 transmits sensitive information in plain text which could be obtained by an attacker using man in the middle techniques. IBM X-Force ID: 179428.
CVSS:3.0/PR:N/AV:N/A:N/AC:H/UI:N/I:N/S:C/C:H/E:U/RL:O/RC:C
Affected products
IBM · Verify Gateway (IVG)