Vulnerabilities > CVE-2019-4381 - Credentials Management vulnerability in IBM I 7.2/7.3
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
IBM i 7.27.3 Clustering could allow a local attacker to obtain sensitive information, caused by the use of advanced node failure detection using the REST API to interface with the HMC. An attacker could exploit this vulnerability to obtain HMC credentials. IBM X-Force ID: 162159.
Common Weakness Enumeration (CWE)
References
- http://www.securityfocus.com/bid/108808
- http://www.securityfocus.com/bid/108808
- https://exchange.xforce.ibmcloud.com/vulnerabilities/162159
- https://exchange.xforce.ibmcloud.com/vulnerabilities/162159
- https://www.ibm.com/support/docview.wss?uid=ibm10887369
- https://www.ibm.com/support/docview.wss?uid=ibm10887369