5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
3.5 Low
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
Vulnerability has been identified in the Websphere Liberty AdminCenter in WebSphere Application Server Liberty bundled with Cloud Pak System (CVE-2019-4663) . Cloud Pak System has released v2.3.2.0 with supports WebSphere Application Server Liberty 19.0.0.12. Information about vulnerability has been published in security bulletin.
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Principal Product and Affected Versions(s) | Affected Supporting Product and Version(s) |
---|
IBM Cloud Pak Systems All releases
|
WebSphere Application Server - Liberty
Cloud Pak System has released v2.3.2.0 with supports WebSphere Application Server Liberty 19.0.0.12.
Please consult the following security bulletin for vulnerability details and information about fixes
Or
Upgrade to Cloud Pak System 2.3.2.0
Information on upgrading can be found here: <https://www.ibm.com/support/pages/node/887959>
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm cloud pak system software | eq | 2.3 | |
ibm cloud pak system software | eq | 2.2 |
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
3.5 Low
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N