CVE-2019-4072 MEDIUM

CVE-2019-4072

Vendor Ibm
Product Spectrum Control Standard Edition
Published May 9, 2019
Last update September 17, 2024

CVSS base score

4.7/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.0/AC:L/S:U/AV:N/A:L/C:L/PR:H/UI:N/I:L/RC:C/RL:O/E:U

What the vulnerability does

01Description

IBM Tivoli Storage Productivity Center (IBM Spectrum Control Standard Edition 5.2.1 through 5.2.17) allows users to remain idle within the application even when a user has logged out. Utilizing the application back button users can remain logged in as the current user for a short period of time, therefore users are presented with information for Spectrum Control Application. IBM X-Force ID: 157064.

Key dates

02Disclosure timeline

May 9, 2019 CVE published
September 17, 2024 Record updated