Vulnerability CVE-2019-4381
Published: 2019-06-14

Description:
IBM i 7.27.3 Clustering could allow a local attacker to obtain sensitive information, caused by the use of advanced node failure detection using the REST API to interface with the HMC. An attacker could exploit this vulnerability to obtain HMC credentials. IBM X-Force ID: 162159.

Type:

CWE-255

 (Credentials Management)

CVSS2 => (AV:L/AC:L/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
2.1/10
2.9/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
IBM -> I 

 References:
http://www.securityfocus.com/bid/108808
https://exchange.xforce.ibmcloud.com/vulnerabilities/162159
https://www.ibm.com/support/docview.wss?uid=ibm10887369
Copyright 2024, cxsecurity.com

 

Back to Top