CVE-2020-4640 is a vulnerability in IBM Api Connect
Published on February 4, 2021

Certain IBM API Connect 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018.4.1.13 configurations can result in sensitive information in the URL fragment identifiers. This information can be cached in the intermediate nodes like proxy servers, cdn, logging platforms, etc. An attacker can make use of this information to perform attacks by impersonating a user. IBM X-Force ID: 185510.

NVD

Products Associated with CVE-2020-4640

Want to know whenever a new CVE is published for IBM Api Connect? stack.watch will email you.

IBM Api Connect

Affected Versions

IBM API Connect:

Version 2018.4.1.0 is affected.
Version 2018.4.1.13 is affected.
Version 10.0.0.0 is affected.
Version 10.0.1.0 is affected.

Exploit Probability

EPSS

0.08%

Percentile

22.63%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-4640 is a vulnerability in IBM Api ConnectPublished on February 4, 2021

Products Associated with CVE-2020-4640

Affected Versions

Exploit Probability

CVE-2020-4640 is a vulnerability in IBM Api Connect
Published on February 4, 2021