Vulnerabilities > CVE-2020-4673 - Insecure Storage of Sensitive Information vulnerability in IBM Workload Automation 9.5

CVSS 4.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

ibm

CWE-922

NVD

Published: 2021-01-12

Updated: 2021-01-14

Summary

IBM Workload Automation 9.5 stores sensitive information in HTML comments that could aid in further attacks against the system. IBM X-Force ID: 186286.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Workload Automation 9.5	1

Common Weakness Enumeration (CWE)

CWE-922 - Insecure Storage of Sensitive Information

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/186286
https://www.ibm.com/support/pages/node/6402481