CVE-2019-4457

EUVD-2019-14064
IBM Jazz Foundation 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 could allow an authenticated user to obtain sensitive information that could be used in further attacks against the system. IBM X-Force ID: 163654.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
ibmCNA
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.0/A:N/PR:L/AC:L/C:L/S:U/UI:N/AV:N/I:N/E:U/RC:C/RL:O
Base Score
CVSS 3.x
EPSS Score
Percentile: 47%
Affected Products (NVD)
VendorProductVersion
ibmjazz_foundation
6.0.0 ≤
𝑥
≤ 6.0.6.1
𝑥
= Vulnerable software versions
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/163654
https://www.ibm.com/support/pages/node/2867997
https://exchange.xforce.ibmcloud.com/vulnerabilities/163654
https://www.ibm.com/support/pages/node/2867997