Vulnerability in Ibm Aspera Shares
CVE-2020-4731
IBM Aspera Web Application 1.9.14 PL1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials discl…
EPSS: 0.001 (32.2th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.1 (Medium). Vector: CVSS:3.0/UI:R/AC:L/C:L/S:C/I:L/PR:N/A:N/AV:N/E:H/RC:C/RL:O.
Affected products
- Ibm Aspera Shares — versions 1.9.14.PL1
References
- www.ibm.com/support/pages/node/6326929 (x_refsource_CONFIRM)
- ibm-aspera-cve20204731-xss (188055) (vdb-entry, x_refsource_XF)
Frequently asked questions
- What is CVE-2020-4731?
- CVE-2020-4731 is a medium-severity vulnerability in Ibm Aspera Shares. CVSS score: 6.1/10. Published 2020-09-21.
- How severe is CVE-2020-4731?
- Medium severity. CVSS v3 base score is 6.1 out of 10.