Local File Exposure in IBM WebSphere eXtreme Scale Admin Console
CVE-2019-4112

4MEDIUM

Key Information:

Vendor: IBM
Status: Websphere Extreme Scale
Vendor: CVE Published:; 30 September 2019

Summary

The IBM WebSphere eXtreme Scale 8.6 Admin Console contains a vulnerability that allows the local storage of web pages, enabling unauthorized users on the same system to read these files. This issue could lead to potential privacy violations and the exposure of sensitive information stored within the WebSphere environment. For further information, visit the IBM Support page or the X-Force Exchange.

Affected Version(s)

WebSphere eXtreme Scale 8.6

References

https://www.ibm.com/support/pages/node/1073864

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/158105

vdb-entryx_refsource_XF

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 30, 2019
Vulnerability Reserved
Jan 3, 2019