Lucene search
IBM90042FC008A48C525397FA10938CF956A45BFA32F38D27F90F2CEE53CEC7B6E8HistoryAug 01, 2019 - 12:30 p.m.
Security Bulletin: IBM Jazz for Service Management could allow an unauthorized local user to create unique catalog names that could cause a denial of service (CVE-2019-4275)
2019-08-0112:30:46
www.ibm.com
7
0.0004 Low
EPSS
Percentile
5.1%
Summary
Security Bulletin: IBM Jazz for Service Management could allow an unauthorized local user to create unique catalog names that could cause a denial of service
Vulnerability Details
CVEID: CVE-2019-4275 DESCRIPTION: IBM Jazz for Service Management could allow an unauthorized local user to create unique catalog names that could cause a denial of service.
CVSS Base Score: 6.2
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/160296> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Affected Products and Versions
Jazz for Service Management version 1.1.3 - 1.1.3.2
Remediation/Fixes
| Affected JazzSM Version | Recommended Fix. |
|---|---|
| Jazz for Service Management version 1.1.3 - 1.1.3.2 | Install 1.1.3-TIV-JazzSM-multi-FP003 |
Workarounds and Mitigations
Please refer Read-me available as part of 1.1.3-TIV-JazzSM-multi-FP003
| CPE | Name | Operator | Version |
|---|---|---|---|
| jazz for service management | eq | 1.1.3 | |
| jazz for service management | eq | 1.1.3.1 | |
| jazz for service management | eq | 1.1.3.2 |
Related
cvelist
cvelist
CVE-2019-4275
2019-08-01 00:00:00
nvd
nvd
CVE-2019-4275
2019-08-02 14:15:14
cve
cve
CVE-2019-4275
2019-08-02 14:15:14
prion
prion
Code injection
2019-08-02 14:15:00
0.0004 Low
EPSS
Percentile
5.1%
Related for 90042FC008A48C525397FA10938CF956A45BFA32F38D27F90F2CEE53CEC7B6E8