CVE-2019-4381

EUVD-2019-13988
IBM i 7.27.3 Clustering could allow a local attacker to obtain sensitive information, caused by the use of advanced node failure detection using the REST API to interface with the HMC. An attacker could exploit this vulnerability to obtain HMC credentials. IBM X-Force ID: 162159.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
ibmCNA
5.9 MEDIUM
LOCAL
HIGH
NONE
CVSS:3.0/AV:L/I:N/AC:H/UI:N/C:H/PR:N/A:N/S:C/RL:O/RC:C/E:U
Base Score
CVSS 3.x
EPSS Score
Percentile: 16%
Affected Products (NVD)
VendorProductVersion
ibmi
7.2
ibmi
7.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/108808
https://exchange.xforce.ibmcloud.com/vulnerabilities/162159
https://www.ibm.com/support/docview.wss?uid=ibm10887369
http://www.securityfocus.com/bid/108808
https://exchange.xforce.ibmcloud.com/vulnerabilities/162159
https://www.ibm.com/support/docview.wss?uid=ibm10887369