CVE-2020-4729

EUVD-2020-25976
IBM Counter Fraud Management for Safer Payments 5.7.0.00 through 5.7.0.10, 6.0.0.00 through 6.0.0.07, 6.1.0.00 through 6.1.0.05, and 6.2.0.00 through 6.2.1.00 could allow an authenticated attacker under special circumstances to send multiple specially crafted API requests that could cause the application to crash.  IBM X-Force ID:  188052.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.3 MEDIUM
NETWORK
HIGH
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
ibmCNA
5.3 MEDIUM
NETWORK
HIGH
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 27%
Affected Products (NVD)
VendorProductVersion
ibmsafer_payments
5.7.0.00 ≤
𝑥
< 5.7.0.11
ibmsafer_payments
6.0.0.00 ≤
𝑥
< 6.0.0.08
ibmsafer_payments
6.1.0.00 ≤
𝑥
< 6.1.0.06
ibmsafer_payments
6.2.0.00 ≤
𝑥
< 6.2.1.01
𝑥
= Vulnerable software versions
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/188052
https://www.ibm.com/support/pages/node/6985595
https://exchange.xforce.ibmcloud.com/vulnerabilities/188052
https://www.ibm.com/support/pages/node/6985595