CVE-2020-4803
Description
IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 189535.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
IBM Edge 4.2 allows local storage of web pages that can be read by another user on the same system, a cache control vulnerability with low confidentiality impact.
Vulnerability
IBM Edge version 4.2 stores web pages locally on the file system. An attacker with local access to the system can read these cached pages. The vulnerability has a CVSS base score of 4.0 (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) and requires no authentication or user interaction beyond local access to the machine [1].
Exploitation
An attacker with local access to the system can read the cached web page files stored by IBM Edge. No special privileges or user interaction are required; the attacker simply needs to be able to access the file system where the cached content is stored [1].
Impact
On successful exploitation, an attacker can read locally stored web page content that was accessed by another user of IBM Edge, resulting in a low confidentiality impact. There is no integrity or availability impact [1].
Mitigation
IBM has resolved this vulnerability in a set of Docker images that are automatically pulled and deployed from Docker Hub and the IBM Entitled Registry. Users must upgrade to the fixed images. No workarounds are available [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- IBM/Edgev5Range: 4.2
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- exchange.xforce.ibmcloud.com/vulnerabilities/189535mitrevdb-entryx_refsource_XF
- www.ibm.com/support/pages/node/6491625mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.