How severe is CVE-2019-4425?

Medium severity. CVSS v3 base score is 5.7 out of 10.

Vulnerability in Ibm Business Automation Workflow

CVE-2019-4425

IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, and 18.0.0.2 could allow a user to obtain highly sensitive information from another user by inserting links that would be clicked on by unsuspecting users. IBM X-Force ID: 162771.

EPSS: 0.003 (49.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.7 (Medium). Vector: CVSS:3.0/AC:L/A:N/C:H/PR:L/I:N/UI:R/AV:N/S:U/RL:O/RC:C/E:U.

Affected products

Ibm Business Automation Workflow — versions 18.0.0.0, 18.0.0.1, 18.0.0.2

References

www.ibm.com/support/docview.wss (x_refsource_CONFIRM)
ibm-baw-cve20194425-info-disc (162771) (vdb-entry, x_refsource_XF)

Frequently asked questions

What is CVE-2019-4425?: CVE-2019-4425 is a medium-severity vulnerability in Ibm Business Automation Workflow. CVSS score: 5.7/10. Published 2019-08-20.
How severe is CVE-2019-4425?: Medium severity. CVSS v3 base score is 5.7 out of 10.