Main Vulnerability Database SB2020081428

SB2020081428 - Improper Authentication in IBM Event Streams

Published: August 14, 2020 Updated: August 21, 2020

Security Bulletin ID SB2020081428

Severity

High

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Improper Authentication (CVE-ID: CVE-2020-4662)

The vulnerability allows a remote authenticated user to execute arbitrary code.

IBM Event Streams 10.0.0 could allow an authenticated user to perform tasks to a schema due to improper authentication validation. IBM X-Force ID: 186233.

Remediation

Install update from vendor's website.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/186233
https://www.ibm.com/support/pages/node/6259393