CVE-2019-4225

CWE-532Log File Information Exposure4 documents4 sources
Severity
4.4MEDIUM
EPSS
0.0%
top 87.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Pureapplication System
Timeline
PublishedJun 26
Latest updateMay 24

Description

IBM PureApplication System 2.2.3.0 through 2.2.5.3 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 159242.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 0.8 | Impact: 3.6

Affected Packages2 packages

NVDibm/pureapplication_system2.2.3.02.2.5.3
CVEListV5ibm/pureapplication_system8 versions+7

Patches

Patch: www-01.ibm.comPatch: www-01.ibm.com

🔴Vulnerability Details

3
GHSA
GHSA-j46j-hr86-qf36: IBM PureApplication System 22022-05-24
OSV
linux-hwe vulnerabilities2020-01-18
CVEList
CVE-2019-4225: IBM PureApplication System 22019-06-26
CVE-2019-4225 (MEDIUM CVSS 4.4) | IBM PureApplication System 2.2.3.0 | cvebase.io