5.3
CVE-2019-4061
- EPSS 72.69%
- Veröffentlicht 27.02.2019 22:29:01
- Zuletzt bearbeitet 21.11.2024 04:43:06
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
LoginIBM BigFix Platform 9.2 and 9.5 could allow an attacker to query the relay remotely and gather information about the updates and fixlets deployed to the associated sites due to not enabling authenticated access. IBM X-Force ID: 156869.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Bigfix Platform Version >= 9.2 <= 9.2.16
Ibm ≫ Bigfix Platform Version >= 9.5 <= 9.5.11
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 72.69% | 0.987 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
| psirt@us.ibm.com | 5.3 | 3.9 | 1.4 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.