CVE-2020-4908

EUVD-2020-26155
IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 returns the product version and release information on the login dialog. This information could be used in further attacks against the system.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
ibmCNA
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.0/I:N/A:N/C:L/PR:N/S:U/AC:L/AV:N/UI:N/RL:O/RC:C/E:U
Base Score
CVSS 3.x
EPSS Score
Percentile: 37%
Affected Products (NVD)
VendorProductVersion
ibmfinancial_transaction_manager_for_multiplatform
3.2.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/191113
https://www.ibm.com/support/pages/node/6371260
https://exchange.xforce.ibmcloud.com/vulnerabilities/191113
https://www.ibm.com/support/pages/node/6371260