cvelist/2019/4xxx/CVE-2019-4038.json

{
    "CVE_data_meta": {
        "ASSIGNER": "psirt@us.ibm.com",
        "DATE_PUBLIC": "2019-02-01T00:00:00",
        "ID": "CVE-2019-4038",
        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Security Identity Manager",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "6.0"
                                        },
                                        {
                                            "version_value": "7.0"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "IBM"
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "IBM Security Identity Manager 6.0 and 7.0 could allow an attacker to create unexpected control flow paths through the application, potentially bypassing security checks. Exploitation of this weakness can result in a limited form of code injection. IBM X-Force ID: 156162."
            }
        ]
    },
    "impact": {
        "cvssv3": {
            "BM": {
                "A": "H",
                "AC": "L",
                "AV": "P",
                "C": "H",
                "I": "H",
                "PR": "H",
                "S": "C",
                "SCORE": "7.200",
                "UI": "N"
            },
            "TM": {
                "E": "U",
                "RC": "C",
                "RL": "O"
            }
        }
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "Gain Access"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "name": "ibm-sim-cve20194038-code-injection(156162)",
                "refsource": "XF",
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/156162"
            },
            {
                "name": "https://www.ibm.com/support/docview.wss?uid=ibm10869604",
                "refsource": "CONFIRM",
                "url": "https://www.ibm.com/support/docview.wss?uid=ibm10869604"
            }
        ]
    }
}
- Synchronized data. 2019-01-03 15:04:29 -05:00			`{`
"-Synchronized-Data." 2019-03-18 00:40:03 +00:00			`"CVE_data_meta": {`
			`"ASSIGNER": "psirt@us.ibm.com",`
			`"DATE_PUBLIC": "2019-02-01T00:00:00",`
			`"ID": "CVE-2019-4038",`
			`"STATE": "PUBLIC"`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "Security Identity Manager",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_value": "6.0"`
			`},`
			`{`
			`"version_value": "7.0"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name": "IBM"`
			`}`
			`]`
			`}`
			`},`
			`"data_format": "MITRE",`
			`"data_type": "CVE",`
			`"data_version": "4.0",`
			`"description": {`
			`"description_data": [`
IBM20190204-144817 Added CVE-2018-1675, CVE-2018-1801, CVE-2019-4038, CVE-2018-1970, CVE-2018-1962 2019-02-04 14:48:17 -05:00			`{`
"-Synchronized-Data." 2019-03-18 00:40:03 +00:00			`"lang": "eng",`
			`"value": "IBM Security Identity Manager 6.0 and 7.0 could allow an attacker to create unexpected control flow paths through the application, potentially bypassing security checks. Exploitation of this weakness can result in a limited form of code injection. IBM X-Force ID: 156162."`
IBM20190204-144817 Added CVE-2018-1675, CVE-2018-1801, CVE-2019-4038, CVE-2018-1970, CVE-2018-1962 2019-02-04 14:48:17 -05:00			`}`
"-Synchronized-Data." 2019-03-18 00:40:03 +00:00			`]`
			`},`
			`"impact": {`
			`"cvssv3": {`
			`"BM": {`
			`"A": "H",`
			`"AC": "L",`
			`"AV": "P",`
			`"C": "H",`
			`"I": "H",`
			`"PR": "H",`
			`"S": "C",`
			`"SCORE": "7.200",`
			`"UI": "N"`
			`},`
			`"TM": {`
			`"E": "U",`
			`"RC": "C",`
			`"RL": "O"`
			`}`
			`}`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "Gain Access"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"name": "ibm-sim-cve20194038-code-injection(156162)",`
			`"refsource": "XF",`
			`"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/156162"`
			`},`
			`{`
			`"name": "https://www.ibm.com/support/docview.wss?uid=ibm10869604",`
			`"refsource": "CONFIRM",`
			`"url": "https://www.ibm.com/support/docview.wss?uid=ibm10869604"`
			`}`
			`]`
			`}`
			`}`