CVE-2019-4635

Опубликовано: 28 янв. 2020

Источник: nvd

CVSS3: 2.7

CVSS2: 4

EPSS Низкий

Описание

IBM Security Secret Server 10.7 could allow a privileged user to perform unauthorized command injection due to imporoper input neutralization of special elements. IBM X-Force ID: 170011.

Ссылки

https://exchange.xforce.ibmcloud.com/vulnerabilities/170011
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/1283212
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/170011
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/1283212
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ibm:security_secret_server:*:*:*:*:*:*:*:*

Версия до 10.7.000059 (исключая)

EPSS

Процентиль: 77%

0.01023

Низкий

2.7 Low

CVSS3

2.7 Low

CVSS3

4 Medium

CVSS2

Дефекты

CWE-77

Связанные уязвимости

GHSA-3xgx-wrc3-hjjj

github

больше 3 лет назад

IBM Security Secret Server 10.7 could allow a privileged user to perform unauthorized command injection due to imporoper input neutralization of special elements. IBM X-Force ID: 170011.

EPSS

Процентиль: 77%

0.01023

Низкий

2.7 Low

CVSS3

2.7 Low

CVSS3

4 Medium

CVSS2

Дефекты

CWE-77