CVE-2019-4116

5 documents4 sources
Severity
5.5MEDIUM
EPSS
0.1%
top 83.17%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Cloud Private
Timeline
PublishedJul 25
Latest updateMay 24

Description

IBM Cloud Private 2.1.0, 3.1.0, and 3.1.1 could disclose highly sensitive information in installer logs that could be use for further attacks against the system. IBM X-Force ID: 158115.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5ibm/cloud_private2.1.0, 3.1.0, 3.1.1+2
NVDibm/cloud_private2.1.0, 3.1.0, 3.1.1+2

🔴Vulnerability Details

2
GHSA
GHSA-qr2j-2h2g-pvm2: IBM Cloud Private 22022-05-24
CVEList
CVE-2019-4116: IBM Cloud Private 22019-07-25

💥Exploits & PoCs

2
Exploit-DB
Free MP3 CD Ripper 2.6 - '.wma' Local Buffer Overflow (SEH)2018-09-14
Exploit-DB
Free MP3 CD Ripper 2.6 - '.mp3' Buffer Overflow (SEH)2018-09-13
CVE-2019-4116 (MEDIUM CVSS 5.5) | IBM Cloud Private 2.1.0 | cvebase.io