CyberSec.Space Logo
Back to CVE Browser

CVE-2019-4521

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1160%
EPSS Percentile15.05th
PublishedDec 10, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

Platform System Manager in IBM Cloud Pak System 2.3 is potentially vulnerable to CVS Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 165179.

Affected Platforms (CPE)

πŸ“¦
Ibm

Cloud Pak System

= 2.3
πŸ“¦
Ibm

Cloud Pak System

= 2.3.0.1

References & Advisories

πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/165179
πŸ”— https://www.ibm.com/support/pages/node/1126605
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/165179
πŸ”— https://www.ibm.com/support/pages/node/1126605

Related Vulnerabilities

CVE-2020-46279.0

IBM Cloud Pak for Security 1.3.0.1(CP4S) potentially vulnerable to CVS Injection. A remote attacker could execute arbitrary comman...

CVE-2020-49178.8

IBM Cloud Pak System 2.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauth...

CVE-2019-41308.8

IBM Cloud Pak System 2.3 and 2.3.0.1 could allow a remote attacker to upload arbitrary files, which could allow the attacker to ex...

CVE-2021-204797.5

IBM Cloud Pak System 2.3.0 through 2.3.3.3 Interim Fix 1 uses weaker than expected cryptographic algorithms that could allow an at...