IBM StoredIQ has addressed the following vulnerability: Missing function level access control.
CVEID: CVE-2019-4163 DESCRIPTION: IBM StoreIQ could allow an authenticated user to obtain sensitive information that a privileged user should only be allowed to view.
CVSS Base Score: 4.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158696> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)
Affected Product | Affected Versions |
---|---|
IBM StoredIQ | 7.6.0.0. - 7.6.0.18 |
Product | VRMF | Remediation / First Fix |
---|---|---|
IBM StoredIQ | 7.6.0.0 - 7.6.0.18 | After upgrading to fix pack 7.6.0.18 apply fix pack 7.6.0.19 that is available from Fix Central https://www.ibm.com/support/fixcentral/ |
None