CVE-2019-4640
First published: Wed Jan 08 2020(Updated: )
IBM Security Secret Server 10.7 processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code which could result in an attacker executing malicious code. IBM X-Force ID: 170046.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Security Secret Server | ||
| Microsoft Windows | ||
| <=All |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2019-4640.
What is the severity level of CVE-2019-4640?
The severity level of CVE-2019-4640 is Critical (9.8).
Which software is affected by CVE-2019-4640?
IBM Security Secret Server (all versions) is affected by CVE-2019-4640.
What is the risk of CVE-2019-4640?
CVE-2019-4640 poses a high risk as it allows an attacker to execute malicious code.
How can I fix CVE-2019-4640?
To fix CVE-2019-4640, update IBM Security Secret Server to a version that includes the necessary security patches and code validation mechanisms.
- collector/nvd-index
- agent/references
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- agent/author
- agent/severity
- agent/description
- agent/softwarecombine
- agent/tags
- agent/event
- collector/ibm-support
- source/IBM
- agent/software-canonical-lookup
- vendor/ibm
- canonical/ibm security secret server
- vendor/microsoft
- canonical/microsoft windows
- version/ibm security secret server/all