CVE-2019-4427

Summary

IBM Cloud CLI 0.6.0 through 0.16.1 windows installers are signed using SHA1 certificate. An attacker might be able to exploit the weak algorithm to generate a installer with malicious software inside. IBM X-Force ID: 162773.

Affected Software

VendorProductVersion RangeStatus
IBMCloud CLI0.6.0affected
IBMCloud CLI0.16.1affected

Weaknesses

  • Obtain Information

ADP Enrichment

CVE Program Container

Additional References

References