IBM Event Streams has addressed the following vulnerability
CVEID:CVE-2019-12399
**DESCRIPTION:**Apache Kafka could allow a remote attacker to obtain sensitive information, caused by a flaw in the Connect REST API. By sending specially crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information in tasks endpoint.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/174387 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Affected Product(s) | Version(s) |
---|---|
IBM Event Streams | 2019.2.1 |
IBM Event Streams in IBM Cloud Pak for Integration
|
2019.2.2
IBM Event Streams in IBM Cloud Pak for Integration
|
2019.2.3
IBM Event Streams
|
2019.4.1
IBM Event Streams in IBM Cloud Pak for Integration
| 2019.4.1
Upgrade from IBM Event Streams 2019.2.1 to IBM Event Streams 2019.4.1 by downloading IBM Event Streams 2019.4.1 from IBM Passport Advantage.
Upgrade from IBM Event Streams 2019.4.1 to the latest Fix Pack.
Upgrade IBM Event Streams 2019.2.2, IBM Event Streams 2019.2.3 and IBM Event Streams 2019.4.1 in IBM Cloud Pak for Integration by downloading IBM Event Streams 2019.4.2 in IBM Cloud Pak for Integration 2020.2.1 from IBM Passport Advantage.
None