A security vulnerability identified on IBM Security Secret Server has been addressed in the release 10.7.000059.
CVEID:CVE-2019-4640
**DESCRIPTION:**IBM Security Secret Server processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code which could result in an attacker executing malicious code.
CVSS Base score: 4.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/170046 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N)
Affected Product(s) | Version(s) |
---|---|
IBM Security Secret Server | All |
Upgrade to the fixpack available here.
None