CVE-2020-4125

Using HCL Marketing Operations 9.1.2.4, 10.1.x, 11.1.0.x, a malicious attacker could download files from the RHEL environment by doing some modification in the link, giving the attacker access to confidential information.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.1 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
ibmmarketing_operations
10.1 ≤
𝑥
≤ 10.1.0.3
ibmmarketing_operations
11.1.0.1 ≤
𝑥
≤ 11.1.0.2
ibmmarketing_operations
9.1.2.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0080941
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0080941