Vulnerability in Ibm Security Guardium
CVE-2019-4292
IBM Security Guardium 10.5 could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable web server. IBM X-Force ID: 160698.
EPSS: 0.045 (89.4th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.8 (High). Vector: CVSS:3.0/PR:L/A:H/S:U/I:H/C:H/AC:L/AV:N/UI:N/RC:C/E:U/RL:O.
Affected products
- Ibm Security Guardium — versions 10.5
References
- www.ibm.com/support/docview.wss (x_refsource_CONFIRM)
- ibm-guardium-cve20194292-file-upload (160698) (vdb-entry, x_refsource_XF)
- 109005 (vdb-entry, x_refsource_BID)
Frequently asked questions
- What is CVE-2019-4292?
- CVE-2019-4292 is a high-severity vulnerability in Ibm Security Guardium. CVSS score: 8.8/10. Published 2019-07-02.
- How severe is CVE-2019-4292?
- High severity. CVSS v3 base score is 8.8 out of 10.