CVE-2019-4640

4.4MEDIUM

Key Information:

Vendor: IBM
Status: Security Secret Server
Vendor: CVE Published:; 19 February 2020

Summary

IBM Security Secret Server 10.7 processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code which could result in an attacker executing malicious code. IBM X-Force ID: 170046.

Affected Version(s)

Security Secret Server 10.7

References

https://www.ibm.com/support/pages/node/2929923

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/170046

vdb-entryx_refsource_XF

CVSS V3.1

Score:

4.4

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 19, 2020
Vulnerability Reserved
Jan 3, 2019