4.3
CVE-2019-4234
- EPSS 0.17%
- Veröffentlicht 26.06.2019 15:15:10
- Zuletzt bearbeitet 21.11.2024 04:43:21
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
LoginIBM PureApplication System 2.2.3.0 through 2.2.5.3 weakness in the implementation of locking feature in pattern editor. An attacker by intercepting the subsequent requests can bypass business logic to modify the pattern to unlocked state. IBM X-Force ID: 159416.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Pureapplication System Version >= 2.2.3.0 <= 2.2.5.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.17% | 0.381 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 2.8 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:N/I:P/A:N
|
| psirt@us.ibm.com | 4.3 | 2.8 | 1.4 |
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
|