IBM Security Guardium Insights is affected by an Open Redirect vulnerability
Summary
IBM Security Guardium Insights has addressed the following vulnerability.
Vulnerability Details
CVEID: CVE-2020-4598
DESCRIPTION: IBM Security Guardium Insights 2.0.1 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim.
CVSS Base score: 6.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/184823 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
| IBM Security Guardium Insights | 2.0.1 |
Remediation/Fixes
Product – IBM Security Guardium Insights
VRMF – 2.0.1
Remediation/First Fix – https://www.ibm.com/software/passportadvantage/?mhsrc=ibmsearch_a&mhq=pasport%20advantage
Leave A Comment