CVE-2020-4809

Vulnerability

CVE-2020-4809 affects IBM Edge version 4.2. The application caches HTTPS responses and stores them locally on the filesystem in a manner that does not restrict access, meaning any local user on the system can read the cached web pages [1]. This is classified as a cacheable HTTPS response vulnerability.

Exploitation

An attacker must have local access to the system where IBM Edge 4.2 is running. No authentication or user interaction is required; the attacker can simply read the cached files from the filesystem. The CVSS vector (AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) confirms that the attack vector is local and complexity is low [1].

Impact

Successful exploitation allows a local attacker to read cached web pages, leading to information disclosure of potentially sensitive data contained in those pages. The impact is limited to confidentiality (low), with no impact on integrity or availability [1].

Mitigation

IBM released a fix in the form of updated Docker images that are automatically pulled and deployed from Docker Hub and the IBM Entitled Registry [1]. No workarounds are available. Users should ensure their deployments pull the latest images to receive the fix.