| |
Vulnerability CVE-2019-4038
Published: 2019-02-04
| Description: |
IBM Security Identity Manager 6.0 and 7.0 could allow an attacker to create unexpected control flow paths through the application, potentially bypassing security checks. Exploitation of this weakness can result in a limited form of code injection. IBM X-Force ID: 156162. |
Type:
CWE-264 (Permissions, Privileges, and Access Controls)
CVSS2 => (AV:L/AC:L/Au:N/C:P/I:P/A:P)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
4.6/10 |
6.4/10 |
3.9/10 |
| Exploit range |
Attack complexity |
Authentication |
Local |
Low |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
Partial |
Partial |
References: |
https://exchange.xforce.ibmcloud.com/vulnerabilities/156162
https://www.ibm.com/support/docview.wss?uid=ibm10869604
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
