Information disclosure in Ibm Aix
CVE-2019-4193
IBM Jazz for Service Management 1.1.3 and 1.1.3.2 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history…
Vulnerability class: Information Disclosure
EPSS: 0.021 (79.3th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.
Affected products
- Ibm Aix
- Ibm Jazz For Service Management — versions 1.1.3, 1.1.3.2
- Ibm Jazz_for_service_management
- Linux Linux_kernel
- Microsoft Windows
Weakness classification (CWE)
References
- psirt@us.ibm.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
- psirt@us.ibm.com (VDB Entry, vdb-entry, Vendor Advisory, x_refsource_XF)
- psirt@us.ibm.com (vdb-entry, Broken Link, x_refsource_BID)
Frequently asked questions
- What is CVE-2019-4193?
- CVE-2019-4193 is a high-severity vulnerability in Ibm Aix, classified under Information Disclosure. CVSS score: 7.5/10. Published 2019-07-11.
- How severe is CVE-2019-4193?
- High severity. CVSS v3 base score is 7.5 out of 10.