How severe is CVE-2020-4598?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2020-4598?

This is classified as CWE-601, which is a common weakness in software security.

CVE-2020-4598

MEDIUM Year: 2020

CVSS v3 Score

6.5

Medium

CVSS v2 Score

5.8

Medium

Weakness Type

CWE-601

View all →

Vulnerability Description

IBM Security Guardium Insights 2.0.1 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 184823.

CVE-2017-15419

MEDIUM

CVSS:6.5(Medium)

Insufficient policy enforcement in Resource Timing API in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to infer browsing history by triggering a leaked cross-origin URL via a crafted ...

CWE-6012017

CVE-2018-0924

MEDIUM

CVSS:6.5(Medium)

Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 20, Microsoft Exchange Server 2013 Cumulative Update 18, Microsoft Exchange Server 2013 Cumulative Update 19, Microsoft Exchange Server 2013...

CWE-6012018

CVE-2019-3778

MEDIUM

CVSS:6.5(Medium)

Spring Security OAuth, versions 2.3 prior to 2.3.5, and 2.2 prior to 2.2.4, and 2.1 prior to 2.1.4, and 2.0 prior to 2.0.17, and older unsupported versions could be susceptible to an open redirector a...

CWE-6012019

CVE-2019-6741

MEDIUM

CVSS:6.5(Medium)

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S9 prior to January 2019 Security Update (SMR-JAN-2019 - SVE-2018-13467). User intera...

CWE-6012019