CVE-2019-4151

CWE-3264 documents4 sources
Severity
5.9MEDIUM
EPSS
0.1%
top 70.36%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Security Access Manager
Timeline
PublishedJun 25
Latest updateMay 24

Description

IBM Security Access Manager 9.0.1 through 9.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 158512.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages2 packages

NVDibm/security_access_manager9.0.19.0.6
CVEListV5ibm/security_access_manager6 versions+5

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

3
GHSA
GHSA-hm9h-qvfm-ggw4: IBM Security Access Manager 92022-05-24
OSV
python2.7, python3.4 vulnerabilities2019-10-10
CVEList
CVE-2019-4151: IBM Security Access Manager 92019-06-25
CVE-2019-4151 (MEDIUM CVSS 5.9) | IBM Security Access Manager 9.0.1 t | cvebase.io