← Back

CVE-2019-4069

nvd nist
Published: Jun 7, 2019Modified: Nov 21, 2024

JSON object

Loading...
8.8
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.8 / Impact: 5.9
Source: NVD

Description

IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 does not properly validate file types, allowing an attacker to upload malicious content. IBM X-Force ID: 157014.

Affected (3)

Ibm
3 products
Intelligent Operations Center
Intelligent Operations Center For Emergency Management
Water Operations For Waternamics
Configuration A
3 vulnerable
Vulnerable SoftwareAffected Versions
Intelligent Operations Center
From 5.1.0 to 5.2.0
Intelligent Operations Center For Emergency Management
From 5.1.0 to 5.1.0.6
Water Operations For Waternamics
From 5.1.0 to 5.2.1.1

Related CWEs

CWE-434
Unrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

References (4)

Source: psirt@us.ibm.com
VDB EntryVendor Advisory
Source: psirt@us.ibm.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
VDB EntryVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.