CVE DATABASE / CVE-2019-4521
CVE-2019-4521
CVSS 9.8 · CRITICAL
Summary
Platform System Manager in IBM Cloud Pak System 2.3 is potentially vulnerable to CVS Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 165179.
CVSS 3.1 breakdown
| Base score | 9.8 (CRITICAL) |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| Attack vector | NETWORK |
| Attack complexity | LOW |
| Privileges required | NONE |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | HIGH |
| Integrity | HIGH |
| Availability | HIGH |
Weakness type (CWE)
Affected products
Ibm cloud pak system
Check this CVE live
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/165179
- https://www.ibm.com/support/pages/node/1126605
Data: NIST NVD. NVD last modified 2024-11-21. Always verify against the vendor advisory before acting.