PT-2020-10999 · Ibm · Ibm Security Secret Server

Published

2020-01-28

Updated

2020-08-24

CVE-2019-4635

CVSS v2.0

4.0

Medium

Vector

AV:N/AC:L/Au:S/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions IBM Security Secret Server version 10.7

Description The issue allows a privileged user to perform unauthorized command injection due to improper input neutralization of special elements.

Recommendations For IBM Security Secret Server version 10.7, consider restricting access to privileged user accounts until a patch is available. As a temporary workaround, ensure proper input validation and sanitization of special elements to minimize the risk of command injection.

Fix

Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-77

Related Identifiers

CVE-2019-4635

Affected Products

Ibm Security Secret Server

PT-2020-10999 · Ibm · Ibm Security Secret Server

CVE-2019-4635

Weakness Enumeration

Related Identifiers

Affected Products

References · 5