CVE-2019-4728

Description

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2, and 6.1.0.0 could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data. By sending specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code with SYSTEM privileges. IBM X-Force ID: 172452.

CVSS Version 3.1
CVSS Version 3.0
CVSS Version 2.0

nvd
CVE ID: CVE-2019-4728
Base Score: 8.8
Base Severity: HIGH
Vector String:CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 2.8

us.ibm
CVE ID: CVE-2019-4728
Base Score: 8.8
Base Severity: HIGH
Vector String:CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

nvd
CVE ID: CVE-2019-4728
Base Score: 9.0
Base Severity: HIGH
Vector String:AV:N/AC:L/Au:S/C:C/I:C/A:C

Refrence: NVD MITRE

Description​

Description