CVE-2019-4259

A security vulnerability has been identified in IBM Spectrum Scale 4.1.1, 4.2.0, 4.2.1, 4.2.2, 4.2.3, and 5.0.0 with CES stack enabled that could allow sensitive data to be included with service snaps. IBM X-Force ID: 160011.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
ibmspectrum_scale
4.1.1.0 ≤
𝑥
≤ 4.1.1.22
ibmspectrum_scale
4.2.0.0 ≤
𝑥
≤ 4.2.3.13
ibmspectrum_scale
5.0.0.0 ≤
𝑥
≤ 5.0.2.3
𝑥
= Vulnerable software versions
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/160011
https://www.ibm.com/support/docview.wss?uid=ibm10883568
https://exchange.xforce.ibmcloud.com/vulnerabilities/160011
https://www.ibm.com/support/docview.wss?uid=ibm10883568