Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM686178EF99D6CC99D2735C8BDE704DD29259F271CA4F959DD29447ABB9AE1616
HistoryMay 04, 2020 - 9:49 p.m.

Security Bulletin: Java Vulnerability Impacts IBM Control Center (CVE-2019-4723)

2020-05-0421:49:52
www.ibm.com
23

EPSS

0.002

Percentile

55.7%

JSON

Summary

There is a vulnerability in IBM® Runtime Environment Java™ Technology Edition, Version 7 and 8 that is used by IBM Control Center. The issue was disclosed as part of the IBM Java SDK update in January 2020.

Vulnerability Details

CVEID:CVE-2019-4732
**DESCRIPTION:**IBM SDK, Java Technology Edition Version 7.0.0.0 through 7.0.10.55, 7.1.0.0 through 7.1.4.55, and 8.0.0.0 through 8.0.6.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability in Microsoft Windows client. By placing a specially-crafted file in a compromised folder, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 172618.
CVSS Base score: 7.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/172618 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H)

Affected Products and Versions

Affected Product(s) Version(s)
IBM Control Center 6.0.0.2
IBM Control Center 6.1.2

Remediation/Fixes

Product

|

VRMF

|

iFix

|

Remediation

—|—|—|—

IBM Control Center

|

6.0.0.2

|

iFix09

|

Fix Central - 6.0.0.2

IBM Control Center

|

6.1.2.1

|

iFix02

|

Fix Central - 6.1.2.1

Workarounds and Mitigations

None

Related

cvelist 2
cve 2
nvd 2
prion 2
ibm 131
redhatcve 1
nessus 3
openvas 2
cvelist
cvelist
CVE-2019-4723
2021-05-31 15:10:40
CVE-2019-4732
2020-02-03 16:45:18
cve
cve
CVE-2019-4723
2021-06-01 14:15:08
CVE-2019-4732
2020-02-03 17:15:14
nvd
nvd
CVE-2019-4723
2021-06-01 14:15:08
CVE-2019-4732
2020-02-03 17:15:14
prion
prion
Design/Logic Flaw
2021-06-01 14:15:00
Spoofing
2020-02-03 17:15:00
ibm
ibm
Security Bulletin: Vulnerability in IBM Java SDK affect Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections
2020-04-28 16:54:21
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Rational Application Developer for WebSphere Software
2020-05-19 15:27:17
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Performance Tester
2020-05-08 18:12:50
redhatcve
redhatcve
CVE-2019-4732
2020-01-31 23:36:37
nessus
nessus
IBM Java 8.0 < 8.0.6.5
2022-04-29 00:00:00
SUSE SLED15 / SLES15 Security Update : java-1_8_0-ibm (SUSE-SU-2020:0466-1)
2020-02-26 00:00:00
SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2020:0528-1)
2020-03-02 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2020:0528-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:0466-1)
2021-04-19 00:00:00

EPSS

0.002

Percentile

55.7%

JSON
Related for 686178EF99D6CC99D2735C8BDE704DD29259F271CA4F959DD29447ABB9AE1616
cvelist2cve2nvd2prion2ibm131redhatcve1nessus3openvas2