CVE-2019-4381

IBM i 7.27.3 Clustering could allow a local attacker to obtain sensitive information, caused by the use of advanced node failure detection using the REST API to interface with the HMC. An attacker could exploit this vulnerability to obtain HMC credentials. IBM X-Force ID: 162159.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
ibmCNA
5.9 MEDIUM
LOCAL
HIGH
NONE
CVSS:3.0/AV:L/I:N/AC:H/UI:N/C:H/PR:N/A:N/S:C/RL:O/RC:C/E:U
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 34%
VendorProductVersion
ibmi
7.2
ibmi
7.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/108808
https://exchange.xforce.ibmcloud.com/vulnerabilities/162159
https://www.ibm.com/support/docview.wss?uid=ibm10887369
http://www.securityfocus.com/bid/108808
https://exchange.xforce.ibmcloud.com/vulnerabilities/162159
https://www.ibm.com/support/docview.wss?uid=ibm10887369