mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
91 lines
2.8 KiB
JSON
91 lines
2.8 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "psirt@us.ibm.com",
|
|
"DATE_PUBLIC": "2019-02-01T00:00:00",
|
|
"ID": "CVE-2019-4038",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Security Identity Manager",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "6.0"
|
|
},
|
|
{
|
|
"version_value": "7.0"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "IBM"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "IBM Security Identity Manager 6.0 and 7.0 could allow an attacker to create unexpected control flow paths through the application, potentially bypassing security checks. Exploitation of this weakness can result in a limited form of code injection. IBM X-Force ID: 156162."
|
|
}
|
|
]
|
|
},
|
|
"impact": {
|
|
"cvssv3": {
|
|
"BM": {
|
|
"A": "H",
|
|
"AC": "L",
|
|
"AV": "P",
|
|
"C": "H",
|
|
"I": "H",
|
|
"PR": "H",
|
|
"S": "C",
|
|
"SCORE": "7.200",
|
|
"UI": "N"
|
|
},
|
|
"TM": {
|
|
"E": "U",
|
|
"RC": "C",
|
|
"RL": "O"
|
|
}
|
|
}
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Gain Access"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "ibm-sim-cve20194038-code-injection(156162)",
|
|
"refsource": "XF",
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/156162"
|
|
},
|
|
{
|
|
"name": "https://www.ibm.com/support/docview.wss?uid=ibm10869604",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10869604"
|
|
}
|
|
]
|
|
}
|
|
} |