{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-02T02:51:11.881","vulnerabilities":[{"cve":{"id":"CVE-2019-4427","sourceIdentifier":"psirt@us.ibm.com","published":"2020-02-12T16:15:11.287","lastModified":"2024-11-21T04:43:35.703","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"IBM Cloud CLI 0.6.0 through 0.16.1 windows installers are signed using SHA1 certificate. An attacker might be able to exploit the weak algorithm to generate a installer with malicious software inside. IBM X-Force ID: 162773."},{"lang":"es","value":"Los instaladores de Windows de IBM Cloud CLI versiones 0.6.0 hasta 0.16.1, son firmados con el certificado SHA1. Un atacante podría ser capaz de explotar el algoritmo débil para generar un instalador con software malicioso dentro. ID de IBM X-Force: 162773."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV30":[{"source":"psirt@us.ibm.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-327"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:cloud_cli:*:*:*:*:*:*:*:*","versionStartIncluding":"0.6.0","versionEndIncluding":"0.16.1","matchCriteriaId":"E1218C5D-304C-4DE1-97C8-4E4086285CCD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/162773","source":"psirt@us.ibm.com","tags":["VDB Entry","Vendor Advisory"]},{"url":"https://www.ibm.com/support/pages/node/1356087","source":"psirt@us.ibm.com","tags":["Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/162773","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["VDB Entry","Vendor Advisory"]},{"url":"https://www.ibm.com/support/pages/node/1356087","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}