5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
41.3%
Open Liberty is a lightweight open framework for building fast and efficient cloud-native Java microservices.
This release of Open Liberty 19.0.0.12 serves as a replacement for Open Liberty 19.0.0.11 and includes bug fixes, enhancements, and security fixes. For specific information about this release, see links in the References section.
Security Fix(es):
Information disclosure vulnerability in WebSphere Application Server (CVE-2019-4441)
Man in the middle vulnerability in WebSphere Application Server Liberty (CVE-2014-3603)
(CVE-2019-4663)
For more details about the security issue(s), see the IBM Security Bulletin links for each CVE, listed in the References section.
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
41.3%