CVE-2019-4539 HIGH

CVE-2019-4539

Vendor Ibm
Product Security Directory Server
Published October 2, 2019
Last update September 17, 2024

CVSS base score

7.1/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.0/PR:L/A:H/I:L/AV:N/S:U/C:N/AC:L/UI:N/E:U/RC:C/RL:O

What the vulnerability does

01Description

IBM Security Directory Server 6.4.0 does not properly neutralize special elements that are used in XML, allowing attackers to modify the syntax, content, or commands of the XML before it is processed by an end system. IBM X-Force ID: 165812.

Key dates

02Disclosure timeline

October 2, 2019 CVE published
September 17, 2024 Record updated