CVE-2020-4528

Description

IBM MQ Appliance (IBM DataPower Gateway 10.0.0.0 and 2018.4.1.0 through 2018.4.1.12) could allow a local user, under special conditions, to obtain highly sensitive information from log files. IBM X-Force ID: 182658.

CVSS breakdown

CVSS 3.0

Privileges Required

None

User Interaction

None

Availability

None

Integrity

None

Scope

Changed

Confidentiality

High

Attack Vector

Local

Attack Complexity

High

Changed

Unchanged

Affected products

ibm / DataPower Gateway2018.4.1.0 – 2018.4.1.0
ibm / DataPower Gateway2018.4.1.12 – 2018.4.1.12
ibm / DataPower Gateway10.0.0.0 – 10.0.0.0

References

MISChttps://www.ibm.com/support/pages/node/6333033
MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/182658