CVE-2019-4218Improper Privilege Management in IBM Security Information Queue

CWE-269Improper Privilege Management3 documents3 sources
Severity
3.3LOWNVD
EPSS
0.0%
top 88.12%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Security Information Queue
Timeline
PublishedJun 6
Latest updateMay 24

Description

IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 159227.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5ibm/security_information_queue1.0.0, 1.0.1, 1.0.2+2
NVDibm/security_information_queue1.0.0, 1.0.1, 1.0.2+2

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-92rj-6wjp-jwp6: IBM Security Information Queue (ISIQ) 12022-05-24
CVEList
CVE-2019-4218: IBM Security Information Queue (ISIQ) 12019-06-06
CVE-2019-4218 — Improper Privilege Management in IBM | cvebase