CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-4527

IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information, caused by the failure to set the Secure flag for the session cookie in TLS mode. By intercepting its transmission within an HTTP session, an attacker could exploit this vulnerability to capture the cookie and obtain sensitive information. IBM X-Force ID: 182631.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 52.0%

CVSS Severity

CVSS v3 Score 5.9

CVSS v2 Score 4.3

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/182631
https://www.ibm.com/support/pages/node/6249981
https://exchange.xforce.ibmcloud.com/vulnerabilities/182631
https://www.ibm.com/support/pages/node/6249981

Products affected by CVE-2020-4527

Ibm » Planning Analytics » Version: 2.0

cpe:2.3:a:ibm:planning_analytics:2.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-4527

Products

Pricing

Contact Us