Permissions, Privileges, and Access Controls in IBM InfoSphere Information Server - CVE-2019-4185
Published: May 28, 2024
Vulnerability identifier: #VU89848
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2019-4185
CWE-ID: CWE-264
Exploitation vector: Adjecent network
Exploit availability:
No public exploit available
Vendor: IBM Corporation
Affected software:
IBM InfoSphere Information Server
IBM InfoSphere Information Server
Detailed vulnerability description
The vulnerability allows adjacent user to escalate privileges on the system.
The vulnerability exists due to insecurely configured component. An adjacent user can bypass security restrictions and escalate privileges on the system.
How to mitigate CVE-2019-4185
Install updates from vendor's website.