CVE-2019-4719

3 documents3 sources
Severity
5.5MEDIUM
EPSS
0.1%
top 74.40%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
IBM MQIBM MQ ApplianceIBM Websphere MQ
Timeline
PublishedMar 16
Latest updateMay 24

Description

IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD could allow a local attacker to obtain sensitive information by inclusion of sensitive data within runmqras data.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

NVDibm/mq_appliance8.0.0.08.0.0.14+2
NVDibm/mq8.0.0.08.0.0.14+3
NVDibm/websphere_mq7.1.0.07.5.0.9
CVEListV5ibm/mq50 versions+49

🔴Vulnerability Details

2
GHSA
GHSA-jfc3-3hwg-xw3w: IBM MQ and IBM MQ Appliance 72022-05-24
CVEList
CVE-2019-4719: IBM MQ and IBM MQ Appliance 72020-03-16
CVE-2019-4719 (MEDIUM CVSS 5.5) | IBM MQ and IBM MQ Appliance 7.1 | cvebase.io