Lucene search
IBME3A65C56994981744EEDF4E6791D4ED91286288BCD659AD7764C5721F0A90109HistoryAug 14, 2019 - 5:46 p.m.
Security Bulletin: IBM StoredIQ is affected by a cross-site request forgery (CVE-2019-4167)
2019-08-1417:46:21
www.ibm.com
9
0.0005 Low
EPSS
Percentile
17.3%
Summary
IBM StoredIQ has addressed the following vulnerability: Cross-site request forgery.
Vulnerability Details
CVEID:CVE-2019-4167
DESCRIPTION: IBM StoredIQ is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
CVSS Base Score: 4.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158700> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)
Affected Products and Versions
Affected Products and Versions
| Affected Product | Affected Versions |
|---|---|
| IBM StoredIQ | 7.6.0.0. - 7.6.0.18 |
Remediation/Fixes
| Product | VRMF | Remediation / First Fix |
|---|---|---|
| IBM StoredIQ | 7.6.0.0 - 7.6.0.18 | After upgrading to fix pack 7.6.0.18, apply fix pack 7.6.0.19 that is available from Fix Central https://www.ibm.com/support/fixcentral/ |
Workarounds and Mitigations
None
Related
cve
cve
CVE-2019-4167
2019-08-20 20:15:13
cvelist
cvelist
CVE-2019-4167
2019-08-14 00:00:00
nvd
nvd
CVE-2019-4167
2019-08-20 20:15:13
prion
prion
Cross site request forgery (csrf)
2019-08-20 20:15:00
0.0005 Low
EPSS
Percentile
17.3%
Related for E3A65C56994981744EEDF4E6791D4ED91286288BCD659AD7764C5721F0A90109