Lucene search
IBM9AC06D9FE3FB0D117B740BA374A9305095A3C2523AA48A680C1EC93A0223B5DFHistoryMar 19, 2020 - 6:48 p.m.
Security Bulletin: IBM Cloud Transformation Advisor is affected by a vulnerability in WebSphere Application Server Liberty (CVE-2019-4304)
2020-03-1918:48:10
www.ibm.com
11
EPSS
0.001
Percentile
44.3%
Summary
IBM Cloud Transformation Advisor has addressed the following vulnerability. CVE-2019-4304
Vulnerability Details
CVEID:CVE-2019-4304
**DESCRIPTION:**IBM WebSphere Application Server - Liberty could allow a remote attacker to bypass security restrictions caused by improper session validation. IBM X-Force ID: 160950.
CVSS Base score: 6.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/160950 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM Cloud Transformation Advisor | 2.0.2 |
Remediation/Fixes
Upgrade to 2.0.3 or later
Workarounds and Mitigations
None
Related
ibm
ibm
Security Bulletin: IBM Cloud Private is vulnerable to an IBM WebSphere Application Server Liberty vulnerability (CVE-2019-4304)
2019-12-24 14:40:29
cvelist
cvelist
CVE-2019-4304
2019-09-30 15:20:31
prion
prion
Authentication flaw
2019-09-30 16:15:00
cve
cve
CVE-2019-4304
2019-09-30 16:15:11
nvd
nvd
CVE-2019-4304
2019-09-30 16:15:11
EPSS
0.001
Percentile
44.3%
Related for 9AC06D9FE3FB0D117B740BA374A9305095A3C2523AA48A680C1EC93A0223B5DF