Lucene search
IBM39C1DC35E37B7A4091654838F0A732AAC4FFA507AB3AAFE7FCEC3D50F90FEE6BHistoryMar 11, 2019 - 9:25 p.m.
Security Bulletin: IBM Content Navigator is affected by a code execution vulnerability
2019-03-1121:25:01
www.ibm.com
14
0.004 Low
EPSS
Percentile
73.3%
Summary
IBM Content Navigator has addressed the following vulnerability.
Vulnerability Details
CVEID: CVE-2019-4034
**DESCRIPTION:*IBM Content Navigator could allow an attacker to execute arbitrary code on a user’s workstation. When editing an executable file in ICN with Edit service, it will be executed on the user’s workstation.
CVSS Base Score: 6.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/156000> for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)
Affected Products and Versions
| Affected IBM Content Navigator | Affected Versions |
|---|---|
| IBM Content Navigator | 3.0 Continuous Delivery |
Remediation/Fixes
| Product | VRMF | Remediation / First Fix |
|---|---|---|
| IBM Content Navigator | 3.0 Continuous Delivery | 3.0.4 iFix004 and above, 3.0.5 iFix001 and above. |
Workarounds and Mitigations
None.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm content navigator | eq | any |
Related
nvd
nvd
CVE-2019-4034
2019-03-14 22:29:01
cvelist
cvelist
CVE-2019-4034
2019-03-11 00:00:00
prion
prion
Code injection
2019-03-14 22:29:00
cve
cve
CVE-2019-4034
2019-03-14 22:29:01
0.004 Low
EPSS
Percentile
73.3%
Related for 39C1DC35E37B7A4091654838F0A732AAC4FFA507AB3AAFE7FCEC3D50F90FEE6B