5.3
CVE-2019-4061
- EPSS 59.88%
- Veröffentlicht 27.02.2019 22:29:01
- Zuletzt bearbeitet 21.11.2024 04:43:06
- Quelle psirt@us.ibm.com
- Teams Watchlist Login
- Unerledigt Login
IBM BigFix Platform 9.2 and 9.5 could allow an attacker to query the relay remotely and gather information about the updates and fixlets deployed to the associated sites due to not enabling authenticated access. IBM X-Force ID: 156869.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Bigfix Platform Version >= 9.2 <= 9.2.16
Ibm ≫ Bigfix Platform Version >= 9.5 <= 9.5.11
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 59.88% | 0.982 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
| psirt@us.ibm.com | 5.3 | 3.9 | 1.4 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.