CVE-2020-4170
Description
IBM Security Guardium Insights 2.0.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 174406.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
IBM Security Guardium Insights 2.0.1 is vulnerable to cross-site request forgery, allowing an attacker to execute unauthorized actions on behalf of an authenticated user.
Vulnerability
IBM Security Guardium Insights version 2.0.1 is vulnerable to cross-site request forgery (CSRF). This vulnerability allows an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. The affected product is IBM Security Guardium Insights 2.0.1 [1].
Exploitation
An attacker can exploit this vulnerability by tricking an authenticated user into clicking a malicious link or visiting a crafted webpage. The attacker does not require any authentication but relies on the victim's active session. The attack is performed over the network with low complexity, requiring user interaction [1].
Impact
Successful exploitation allows the attacker to perform unauthorized actions on behalf of the victim user, leading to a low integrity impact. There is no impact on confidentiality or availability. The CVSS base score is 4.3 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N) [1].
Mitigation
IBM has released a security bulletin [1] addressing this vulnerability. The bulletin provides remediation steps. Users should apply the fix as recommended. No workarounds are available [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: = 2.0.1
- Range: 2.0.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- exchange.xforce.ibmcloud.com/vulnerabilities/174406mitrevdb-entryx_refsource_XF
- www.ibm.com/support/pages/node/6320055mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.