Vulnerability Description
Some URIs in IBM API Connect 2018.1 and 2018.4.1.3 disclose system specification information like the machine id, system uuid, filesystem paths, network interface names along with their mac addresses. An attacker can use this information in targeted attacks. IBM X-Force ID: 156542.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Api Connect | >= 2018.1.0, <= 2018.4.1.3 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/107841
- https://exchange.xforce.ibmcloud.com/vulnerabilities/156542VDB EntryVendor Advisory
- https://www.ibm.com/support/docview.wss?uid=ibm10879395Vendor Advisory
- http://www.securityfocus.com/bid/107841
- https://exchange.xforce.ibmcloud.com/vulnerabilities/156542VDB EntryVendor Advisory
- https://www.ibm.com/support/docview.wss?uid=ibm10879395Vendor Advisory
FAQ
What is CVE-2019-4051?
CVE-2019-4051 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Some URIs in IBM API Connect 2018.1 and 2018.4.1.3 disclose system specification information like the machine id, system uuid, filesystem paths, network interface names along with their mac addresses....
How severe is CVE-2019-4051?
CVE-2019-4051 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-4051?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Api Connect.