Lucene search
IBMED1001BC2D5FE9AD543275E6464B746D1FA23FF9421070FD3D579E3CE6719D5AHistoryFeb 19, 2020 - 3:19 a.m.
Security Bulletin: A Security Vulnerability Has Been Identified In IBM Security Secret Server (CVE-2019-4640)
2020-02-1903:19:35
www.ibm.com
6
0.002 Low
EPSS
Percentile
51.6%
Summary
A security vulnerability identified on IBM Security Secret Server has been addressed in the release 10.7.000059.
Vulnerability Details
CVEID:CVE-2019-4640
**DESCRIPTION:**IBM Security Secret Server processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code which could result in an attacker executing malicious code.
CVSS Base score: 4.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/170046 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM Security Secret Server | All |
Remediation/Fixes
Upgrade to the fixpack available here.
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm security secret server | eq | any |
Related
prion
prion
Code injection
2020-02-19 16:15:00
cve
cve
CVE-2019-4640
2020-02-19 16:15:11
cvelist
cvelist
CVE-2019-4640
2020-02-18 00:00:00
nvd
nvd
CVE-2019-4640
2020-02-19 16:15:11
ibm
ibm
0.002 Low
EPSS
Percentile
51.6%
Related for ED1001BC2D5FE9AD543275E6464B746D1FA23FF9421070FD3D579E3CE6719D5A