CyberSec.Space Logo
返回 CVE 浏览器

CVE-2019-4202

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0830%
EPSS Percentile35.03th
Published2019年4月15日
Last Modified2024年11月21日

Vulnerability Description

IBM API Connect 5.0.0.0 and 5.0.8.6 Developer Portal is vulnerable to command injection. An attacker with a specially crafted request can run arbitrary code on the server and gain complete access to the system. IBM X-Force ID: 159123.

Affected Platforms (CPE)

📦
Ibm

Api Connect

>= 5.0.0.0 and <= 5.0.8.6

References & Advisories

🔗 http://www.securityfocus.com/bid/107908
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/159123
🔗 https://www.ibm.com/support/docview.wss?uid=ibm10880109
🔗 http://www.securityfocus.com/bid/107908
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/159123
🔗 https://www.ibm.com/support/docview.wss?uid=ibm10880109

相关漏洞威胁

CVE-2008-206410.0

Multiple unspecified vulnerabilities in PhpGedView before 4.1.5 have unknown impact and attack vectors related to "a fundamental d...

CVE-2017-234310.0

The Integrated User Firewall (UserFW) feature was introduced in Junos OS version 12.1X47-D10 on the Juniper SRX Series devices to ...

CVE-2018-13379.8

In Apache Directory LDAP API before 1.0.2, a bug in the way the SSL Filter was setup made it possible for another thread to use th...

CVE-2018-14699.8

IBM API Connect Developer Portal 5.0.0.0 through 5.0.8.2 could allow an unauthenticated attacker to execute system commands using ...