Medium severity5.3NVD Advisory· Published Sep 23, 2020· Updated Jun 17, 2026
CVE-2020-16240
CVE-2020-16240
Description
GE Digital APM Classic, Versions 4.4 and prior. An insecure direct object reference (IDOR) vulnerability allows user account data to be downloaded in JavaScript object notation (JSON) format by users who should not have access to such functionality. An attacker can download sensitive data related to user accounts without having the proper privileges.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- GE Digital/APM Classicdescription
- Range: <=4.4
Patches
Vulnerability mechanics
References
1- us-cert.cisa.gov/ics/advisories/icsa-20-266-01nvdThird Party AdvisoryUS Government Resource
News mentions
0No linked articles in our index yet.