CVE-2019-4520

Опубликовано: 02 окт. 2019

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

IBM Security Directory Server 6.4.0 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 165178.

Ссылки

https://exchange.xforce.ibmcloud.com/vulnerabilities/165178
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/1077045
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/165178
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/1077045
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ibm:security_directory_server:6.4.0:*:*:*:*:*:*:*

EPSS

Процентиль: 53%

0.00305

Низкий

7.5 High

CVSS3

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-307

Связанные уязвимости

GHSA-gq9m-8c7h-8jr8

CVSS3: 7.5

github

больше 3 лет назад

IBM Security Directory Server 6.4.0 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 165178.

EPSS

Процентиль: 53%

0.00305

Низкий

7.5 High

CVSS3

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-307