CVE-2019-4541

6.5MEDIUM

Key Information:

Vendor: IBM
Status: Security Directory Server
Vendor: CVE Published:; 4 February 2020

Summary

IBM Security Directory Server 6.4.0 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity. IBM X-Force ID: 165814.

Affected Version(s)

Security Directory Server 6.4.0

References

https://www.ibm.com/support/pages/node/1288660

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/165814

vdb-entryx_refsource_XF

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 4, 2020
Vulnerability Reserved
Jan 3, 2019