CVE-2020-4779
CVE-2020-4779
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.1EPSS 1.1%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
12 Oct 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A HTTP Verb Tampering vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass security access controls. IBM X-Force ID: 189156.
CVSS:3.0/AV:N/A:N/PR:L/S:U/UI:N/C:H/I:H/AC:L/E:U/RL:O/RC:C
Affected products
IBM · Curam SPMWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →