Details of VAR-202004-2231

ID

VAR-202004-2231

CVE

CVE-2019-4532

TITLE

Unknown vulnerability in IBM Resilient

Trust: 0.6

sources: CNVD: CNVD-2020-23051

DESCRIPTION

IBM Resilient is a set of incident response platform of IBM in the United States. The platform supports such functions as incident response process orchestration and incident management. There are security vulnerabilities in IBM Resilient version 33.x and version 34.0. The vulnerability stems from the program's failure to properly limit the number or frequency of interactions with users. No detailed vulnerability details are currently available.

Trust: 0.6

sources: CNVD: CNVD-2020-23051

IOT TAXONOMY

category:

['IoT']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2020-23051

AFFECTED PRODUCTS

vendor:	ibm	model:	resilient	scope:	eq	version:	33.*	Trust: 0.6
vendor:	ibm	model:	resilient	scope:	eq	version:	34.0	Trust: 0.6

sources: CNVD: CNVD-2020-23051

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2020-23051
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202004-520
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2020-23051
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2020-23051 // CNNVD: CNNVD-202004-520

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202004-520

PATCH

title:	Patch for Unknown vulnerability in IBM Resilient	url:	https://www.cnvd.org.cn/patchinfo/show/214059	Trust: 0.6
title:	IBM Resilient Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=113587	Trust: 0.6

sources: CNVD: CNVD-2020-23051 // CNNVD: CNNVD-202004-520

EXTERNAL IDS

db:	NVD	id:	CVE-2019-4532	Trust: 1.2
db:	CNVD	id:	CNVD-2020-23051	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.1282	Trust: 0.6
db:	CNNVD	id:	CNNVD-202004-520	Trust: 0.6

sources: CNVD: CNVD-2020-23051 // CNNVD: CNNVD-202004-520

REFERENCES

url:	https://www.ibm.com/blogs/psirt/security-bulletin-ibm-resilient-onprem-does-not-properly-limit-the-number-or-frequency-of-pssword-reset-interactions/	Trust: 1.2
url:	https://www.auscert.org.au/bulletins/esb-2020.1282/	Trust: 0.6

sources: CNVD: CNVD-2020-23051 // CNNVD: CNNVD-202004-520

SOURCES

db:	CNVD	id:	CNVD-2020-23051
db:	CNNVD	id:	CNNVD-202004-520

LAST UPDATE DATE

2022-05-04T10:25:46.426000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2020-23051	date:	2020-04-16T00:00:00
db:	CNNVD	id:	CNNVD-202004-520	date:	2020-04-10T00:00:00

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2020-23051	date:	2020-04-16T00:00:00
db:	CNNVD	id:	CNNVD-202004-520	date:	2020-04-08T00:00:00