Summary IBM FileNet Content Manager in GraphQL, there is a Cross-site request forgery security vulnerability. Vulnerability Details CVEID:CVE-2020-4745 DESCRIPTION: IBM FileNet Content Manager is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. CVSS Base score: 4.3 CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/188333 for the current score. CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N) Affected Products and Versions Affected Product(s) | Version(s) —|— FileNet Content Manager | 5.5.5 FileNet Content Manager | 5.5.4 Remediation/Fixes To resolve the security vulnerability, upgrade to one of the below releases: Product | VRMF | APAR | Remediation/First Fix —|—|—|— FileNet Content Manager | 5.5.4 5.5.5 | PJ46284 PJ46284 | 5.5.4.0-P8GQL-Container-IF004 – 2/24/2021 5.5.5.0-P8GQL-Container-IF003 – 2/4/2021 Only versions covered by continuous support for fixes are listed. Please apply the listed update to remediate. Workarounds and Mitigations…Read More