How severe is CVE-2019-4149?

Medium severity. CVSS v3 base score is 5.4 out of 10.

Vulnerability in Ibm Business Automation Workflow

CVE-2019-4149

IBM Business Automation Workflow V18.0.0.0 through V18.0.0.2 and IBM Business Process Manager V8.6.0.0 through V8.6.0.0 Cumulative Fix 2018.03, V8.5.7.0 through V8.5.7.0 Cumulative Fix 2017.06, and V8.5.6.0 through V8.5.6.0 CF2 is vulnerab…

EPSS: 0.002 (46.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.4 (Medium). Vector: CVSS:3.0/AC:L/UI:R/AV:N/I:L/PR:L/A:N/S:C/C:L/RL:O/E:H/RC:C.

Affected products

Ibm Business Automation Workflow — versions 18.0.0.0, 18.0.0.2
Ibm Business Process Manager — versions 8.6.0.0, 8.5.6.0, 8.5.6.0CF2

References

www.ibm.com/support/docview.wss (x_refsource_CONFIRM)
ibm-baw-cve20194149-xss (158415) (vdb-entry, x_refsource_XF)

Frequently asked questions

What is CVE-2019-4149?: CVE-2019-4149 is a medium-severity vulnerability in Ibm Business Automation Workflow. CVSS score: 5.4/10. Published 2019-09-05.
How severe is CVE-2019-4149?: Medium severity. CVSS v3 base score is 5.4 out of 10.