Input Validation Vulnerabilities in IBM Security Directory Server
CVE-2019-4541

6.5MEDIUM

Key Information:

Vendor: IBM
Status: Security Directory Server
Vendor: CVE Published:; 4 February 2020

Summary

The IBM Security Directory Server 6.4.0 has a flaw in its input validation mechanics as it employs incomplete blacklisting methods. This weakness enables attackers to circumvent established application controls, potentially leading to significant breaches in system functionality and data integrity. Such vulnerabilities can have widespread implications, making it critical for users and administrators to apply necessary patches and follow security best practices.

Affected Version(s)

Security Directory Server 6.4.0

References

https://www.ibm.com/support/pages/node/1288660

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/165814

vdb-entryx_refsource_XF

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 4, 2020
Vulnerability Reserved
Jan 3, 2019