Permissions, Privileges, and Access Controls in IBM InfoSphere Information Server - CVE-2019-4185

 

Permissions, Privileges, and Access Controls in IBM InfoSphere Information Server - CVE-2019-4185

Published: May 28, 2024


Vulnerability identifier: #VU89848
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2019-4185
CWE-ID: CWE-264
Exploitation vector: Adjecent network
Exploit availability: No public exploit available
Vendor: IBM Corporation
Affected software:
IBM InfoSphere Information Server

Detailed vulnerability description

The vulnerability allows adjacent user to escalate privileges on the system.

The vulnerability exists due to insecurely configured component. An adjacent user can bypass security restrictions and escalate privileges on the system.


How to mitigate CVE-2019-4185

Install updates from vendor's website.

Sources