CVE-2019-4292

Description

IBM Security Guardium 10.5 could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable web server. IBM X-Force ID: 160698.

CVSS breakdown

CVSS 3.0

Privileges Required

Low

Availability

High

Scope

Unchanged

Integrity

High

Confidentiality

High

Attack Complexity

Low

Attack Vector

Network

User Interaction

None

Changed

Unchanged

Affected products

ibm / security_guardium10.5 – 10.5

References

MISChttps://www.ibm.com/support/docview.wss?uid=ibm10888279
MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/160698
MISChttp://www.securityfocus.com/bid/109005