CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2020-4170
https://notcve.org/view.php?id=CVE-2020-4170
24 Aug 2020 — IBM Security Guardium Insights 2.0.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 174406. IBM Security Guardium Insights versión 2.0.1, es vulnerable a un ataque de tipo cross-site request forgery, lo que podría permitir a un atacante ejecutar acciones maliciosas y no autorizadas transmitidas por un usuario que el sitio web confía. IBM X-Force ID: 174406. • https://exchange.xforce.ibmcloud.com/vulnerabilities/174406 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2020-4165
https://notcve.org/view.php?id=CVE-2020-4165
24 Aug 2020 — IBM Security Guardium Insights 2.0.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 174401. IBM Security Guardium Insights versión 2.0.1, podría permitir a un atacante remoto secuestrar la acción de clic de la víctima. Al persuadir a una víctima para que visite un sitio... • https://exchange.xforce.ibmcloud.com/vulnerabilities/174401 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •