CVE-2020-4125

Using HCL Marketing Operations 9.1.2.4, 10.1.x, 11.1.0.x, a malicious attacker could download files from the RHEL environment by doing some modification in the link, giving the attacker access to confidential information.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.1 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
HCLCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 34%
VendorProductVersion
ibmmarketing_operations
10.1 ≤
𝑥
≤ 10.1.0.3
ibmmarketing_operations
11.1.0.1 ≤
𝑥
≤ 11.1.0.2
ibmmarketing_operations
9.1.2.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0080941
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0080941