← back
CVE-2019-4539

CVE-2019-4539

CVSS 7.1 HIGHEPSS 1.2%
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.1EPSS 1.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
02 Oct 2019Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
IBM Security Directory Server 6.4.0 does not properly neutralize special elements that are used in XML, allowing attackers to modify the syntax, content, or commands of the XML before it is processed by an end system. IBM X-Force ID: 165812.
CVSS:3.0/PR:L/A:H/I:L/AV:N/S:U/C:N/AC:L/UI:N/E:U/RC:C/RL:O
Affected products
IBM · Security Directory Server

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/165812https://www.ibm.com/support/pages/node/1077045