Input Validation Flaw in IBM Security Secret Server
CVE-2019-4637
4.3MEDIUM
Summary
IBM Security Secret Server 10.7 suffers from an input validation vulnerability due to incomplete blacklisting, which can lead attackers to circumvent application controls. This flaw undermines the integrity of the system and data, potentially affecting sensitive information stored within the application. Organizations using this version may be at risk of unauthorized access and manipulation of data, highlighting the importance of utilizing secure validation methods to protect sensitive data.
Affected Version(s)
Security Secret Server 10.7
References
CVSS V3.1
Score:
4.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved