CVE-2019-4640

CRITICAL

9.8

Description

IBM Security Secret Server 10.7 processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code which could result in an attacker executing malicious code. IBM X-Force ID: 170046.

CVE Details

CVSS v3.1 Score9.8

SeverityCRITICAL

CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack VectorNETWORK

ComplexityLOW

Privileges RequiredNONE

User InteractionNONE

Published2/19/2020

Last Modified11/21/2024

Sourcenvd

Honeypot Sightings0

Affected Products

ibm:security_secret_servermicrosoft:windows

Weaknesses (CWE)

CWE-346

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/170046(psirt@us.ibm.com)

https://www.ibm.com/support/pages/node/2929923(psirt@us.ibm.com)

https://exchange.xforce.ibmcloud.com/vulnerabilities/170046(af854a3a-2127-422b-91ae-364da2661108)

https://www.ibm.com/support/pages/node/2929923(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.