PT-2019-17049 · Ibm · Ibm I

Publicado

2019-06-14

·

Atualizado

2023-03-02

·

CVE-2019-4381

CVSS v3.1

5.5

Média

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions IBM i version 7.27.3
Description The issue allows a local attacker to obtain sensitive information by exploiting the use of advanced node failure detection using the REST API to interface with the HMC. This could potentially allow an attacker to obtain HMC credentials.
Recommendations For IBM i version 7.27.3, consider restricting access to the REST API until a patch is available. As a temporary workaround, limit the use of advanced node failure detection to minimize the risk of exploitation.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-255

Identificadores relacionados

CVE-2019-4381

Produtos afetados

Ibm I