CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-4719

The IBM Cloud APM 8.1.4 server will issue a DNS request to resolve any hostname specified in the Cloud Event Management Webhook URL configuration definition. This could enable an authenticated user with admin authorization to create DNS query strings that are not hostnames. IBM X-Force ID: 187861.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 44.6%

CVSS Severity

CVSS v3 Score 4.9

CVSS v2 Score 4.0

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/187861
https://www.ibm.com/support/pages/node/6417137
https://exchange.xforce.ibmcloud.com/vulnerabilities/187861
https://www.ibm.com/support/pages/node/6417137

Products affected by CVE-2020-4719

Ibm » Cloud Application Performance Management » Version: 8.1.4

cpe:2.3:a:ibm:cloud_application_performance_management:8.1.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-4719

Products

Pricing

Contact Us