Sensitive Data Exposure in IBM MQ Appliance 9.1.4.CD
CVE-2019-4731

5.1MEDIUM

Key Information:

Vendor: IBM
Status: MQ Appliance
Vendor: CVE Published:; 28 July 2020

Summary

The IBM MQ Appliance version 9.1.4.CD is susceptible to a vulnerability that could allow a local attacker to access highly sensitive information due to the improper handling of sensitive data within trace logs. This exposure can lead to unintended information disclosure, potentially compromising the confidentiality of data managed by the appliance. For further details, refer to the IBM X-Force ID: 172616.

Affected Version(s)

MQ Appliance 9.1.4.CD

References

https://www.ibm.com/support/pages/node/1125885

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/172616

vdb-entryx_refsource_XF

CVSS V3.1

Score:

5.1

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 28, 2020
Vulnerability Reserved
Jan 3, 2019