CVE-2020-4805
Description
IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 189539.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
IBM Edge 4.2 stores web pages locally, allowing another local user to read cached data without authentication.
Vulnerability
IBM Edge version 4.2 allows web pages to be stored in a local cache that is readable by another user on the same system. The vulnerability stems from insecure file permissions or storage location, enabling cross-user data leakage. [1]
Exploitation
An attacker with local access to the system can read the cached web pages stored by IBM Edge. No authentication or special privileges are required beyond the ability to browse the local file system. The attacker must have a local user account on the same machine. [1]
Impact
Successful exploitation results in the disclosure of cached web page content, which may include sensitive information such as session tokens or personal data. The confidentiality impact is low, and there is no impact on integrity or availability. The CVSS base score is 4.0 (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N). [1]
Mitigation
IBM provides a fix by delivering updated Docker images that are automatically pulled and deployed from Docker Hub and the IBM Entitled Registry. Users should ensure their deployment pulls the latest images. No workarounds are available. [1]
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- IBM/Edgev5Range: 4.2
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- exchange.xforce.ibmcloud.com/vulnerabilities/189539mitrevdb-entryx_refsource_XF
- www.ibm.com/support/pages/node/6491633mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.