Vulnerability in Ibm Security Access Manager
CVE-2019-4157
IBM Security Access Manager 9.0.1 through 9.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credent…
EPSS: 0.002 (39.8th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.1 (Medium). Vector: CVSS:3.0/AC:L/UI:R/PR:N/A:N/S:C/AV:N/C:L/I:L/RC:C/E:H/RL:O.
Affected products
- Ibm Security Access Manager — versions 9.0.1, 9.0.3, 9.0.4
References
- www.ibm.com/support/docview.wss (x_refsource_CONFIRM)
- ibm-sam-cve20194157-xss (158573) (vdb-entry, x_refsource_XF)
Frequently asked questions
- What is CVE-2019-4157?
- CVE-2019-4157 is a medium-severity vulnerability in Ibm Security Access Manager. CVSS score: 6.1/10. Published 2019-06-25.
- How severe is CVE-2019-4157?
- Medium severity. CVSS v3 base score is 6.1 out of 10.