← back
CVE-2019-4620

CVE-2019-4620

CVSS 8.4 HIGHEPSS 0.4%
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.4EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
28 Jan 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
IBM MQ Appliance 8.0 and 9.0 LTS could allow a local attacker to bypass security restrictions caused by improper validation of environment variables. IBM X-Force ID: 168863.
CVSS:3.0/S:U/A:H/I:H/AC:L/AV:L/C:H/UI:N/PR:N/RC:C/E:U/RL:O
Affected products
IBM · MQ Appliance