Vulnerability in IBM Cognos Controller
CVE-2020-4685
A low-level user of IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, 10.4.1, and 10.4.2 who has Administration rights to the server where the application is installed can escalate their privilege from low level to Super Admin and gain access…
EPSS: 0.005 (67.3th percentile).
CVSS v3 metric
CVSS v3 base score 8.0 (High). Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C.
Affected products
- IBM Cognos Controller — versions 10.3.1, 10.3.0, 10.4.0
References
- www.ibm.com/support/pages/node/6339995 (x_refsource_CONFIRM)
- ibm-cognos-cve20204685-priv-escalation (186625) (vdb-entry, x_refsource_XF)
Frequently asked questions
- What is CVE-2020-4685?
- CVE-2020-4685 is a high-severity vulnerability in IBM Cognos Controller. CVSS score: 8.0/10. Published 2020-11-11.
- How severe is CVE-2020-4685?
- High severity. CVSS v3 base score is 8.0 out of 10.