{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T19:59:25.579","vulnerabilities":[{"cve":{"id":"CVE-2020-4532","sourceIdentifier":"psirt@us.ibm.com","published":"2020-06-17T18:15:12.220","lastModified":"2024-11-21T05:32:51.560","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"IBM Business Automation Workflow and IBM Business Process Manager (IBM Business Process Manager Express 8.5.5, 8.5.6, 8.5.7, and 8.6) could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 182716."},{"lang":"es","value":"IBM Business Automation Workflow e IBM Business Process Manager (IBM Business Process Manager Express versiones 8.5.5, 8.5.6, 8.5.7 y 8.6), podrían permitir a un atacante remoto obtener información confidencial cuando se devuelve un mensaje de error técnico detallado en el navegador. Esta información podría ser usada en futuros ataques contra el sistema. ID de IBM X-Force: 182716"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"cvssMetricV30":[{"source":"psirt@us.ibm.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-209"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:18.0.0.1:*:*:*:*:*:*:*","matchCriteriaId":"10B802CE-F898-4B60-9E2C-4D271F9211C7"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_automation_workflow:19.0.0.3:*:*:*:*:*:*:*","matchCriteriaId":"A214C54D-C6DF-408C-BDEA-DCF7DEFBCCA5"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_process_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"8.5.5.0","versionEndExcluding":"8.5.7.0","matchCriteriaId":"5D88BD08-CE33-4E18-B01E-CA5D7070077D"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:business_process_manager:8.6.0.0:-:*:*:-:*:*:*","matchCriteriaId":"6DE7BCD3-C969-4248-B325-8EAAE9959797"}]}]}],"references":[{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/182716","source":"psirt@us.ibm.com","tags":["VDB Entry","Vendor Advisory"]},{"url":"https://www.ibm.com/support/pages/node/6233276","source":"psirt@us.ibm.com","tags":["Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/182716","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["VDB Entry","Vendor Advisory"]},{"url":"https://www.ibm.com/support/pages/node/6233276","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}