Vulnerability in Ibm Java
CVE-2019-4473
Multiple binaries in IBM SDK, Java Technology Edition 7, 7R, and 8 on the AIX platform use insecure absolute RPATHs, which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 163984.
EPSS: 0.000 (15.7th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.4 (High). Vector: CVSS:3.0/I:H/AC:L/A:H/C:H/UI:N/PR:N/AV:L/S:U/RL:O/RC:C/E:U.
Affected products
- Ibm Java — versions 7, 7R1, 8
References
- www.ibm.com/support/docview.wss (x_refsource_CONFIRM)
- ibm-java-cve20194473-priv-escalation (163984) (vdb-entry, x_refsource_XF)
Frequently asked questions
- What is CVE-2019-4473?
- CVE-2019-4473 is a high-severity vulnerability in Ibm Java. CVSS score: 8.4/10. Published 2019-08-05.
- How severe is CVE-2019-4473?
- High severity. CVSS v3 base score is 8.4 out of 10.