CVE-2019-4234

Summary

IBM PureApplication System 2.2.3.0 through 2.2.5.3 weakness in the implementation of locking feature in pattern editor. An attacker by intercepting the subsequent requests can bypass business logic to modify the pattern to unlocked state. IBM X-Force ID: 159416.

Affected Software

VendorProductVersion RangeStatus
IBMPureApplication System2.2.3.0affected
IBMPureApplication System2.2.3.1affected
IBMPureApplication System2.2.3.2affected
IBMPureApplication System2.2.4.0affected
IBMPureApplication System2.2.5.0affected
IBMPureApplication System2.2.5.1affected
IBMPureApplication System2.2.5.2affected
IBMPureApplication System2.2.5.3affected

Weaknesses

  • Gain Access

ADP Enrichment

CVE Program Container

Additional References

References