CVE-2019-4051Sensitive Information Exposure in IBM API Connect

CWE-200Sensitive Information Exposure4 documents4 sources
Severity
5.3MEDIUMNVD
EPSS
0.2%
top 58.97%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM API Connect
Timeline
PublishedApr 8
Latest updateJun 16

Description

Some URIs in IBM API Connect 2018.1 and 2018.4.1.3 disclose system specification information like the machine id, system uuid, filesystem paths, network interface names along with their mac addresses. An attacker can use this information in targeted attacks. IBM X-Force ID: 156542.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

NVDibm/api_connect2018.1.02018.4.1.3
CVEListV5ibm/api_connect2018.1, 2018.4.1.3+1

🔴Vulnerability Details

3
OSV
dojo vulnerabilities2025-06-16
GHSA
GHSA-qpxq-x4wv-xrc2: Some URIs in IBM API Connect 20182022-05-14
CVEList
CVE-2019-4051: Some URIs in IBM API Connect 20182019-04-08
CVE-2019-4051 — Sensitive Information Exposure in IBM | cvebase