CVE-2020-4695 Information

Description

IBM API Connect V10 is impacted by insecure communications during database replication. As the data replication happens over insecure communication channels an attacker can view unencrypted data leading to a loss of confidentiality.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Reference

https://www.ibm.com/support/pages/node/6426707 https://exchange.xforce.ibmcloud.com/vulnerabilities/186788

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

7.5