CVE-2020-4282

MEDIUM

IBM Security Information Queue <1.0.6 - Auth Bypass

Title source: llm

Description

IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could allow an authenticated user to perform unauthorized actions by bypassing illegal character restrictions. X-Force ID: 176205.

References (2)

Core 2

Core References

Patch, Vendor Advisory x_refsource_confirm

https://www.ibm.com/support/pages/node/6172587

VDB Entry, Vendor Advisory vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/176205

Scores

CVSS v3 4.3

EPSS 0.0080

EPSS Percentile 51.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Details

CWE

CWE-116

Status published

Products (6)

ibm/security_information_queue 1.0.0

ibm/security_information_queue 1.0.1

ibm/security_information_queue 1.0.2

ibm/security_information_queue 1.0.3

ibm/security_information_queue 1.0.4

ibm/security_information_queue 1.0.5

Published Apr 08, 2020

Tracked Since Feb 18, 2026