CVE-2019-4257
Severity Score
4.3
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
IBM InfoSphere Information Server 11.5 and 11.7 is affected by an information disclosure vulnerability. Sensitive information in an error message may be used to conduct further attacks against the system. IBM X-Force ID: 159945.
IBM InfoSphere Information Server 11.5 y 11.7 es afectado por una vulnerabilidad de revelación de información. La información confidencial en un mensaje de error puede ser usado para conducir mas ataques contra el sistema. IBM X-Force ID: 159945
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2019-01-03 CVE Reserved
- 2019-06-06 CVE Published
- 2023-05-08 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-209: Generation of Error Message Containing Sensitive Information
CAPEC
References (2)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.ibm.com/support/docview.wss?uid=ibm10882478 | 2023-02-03 |
| URL | Date | SRC |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/159945 | 2023-02-03 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ibm Search vendor "Ibm" | Infosphere Information Analyzer Search vendor "Ibm" for product "Infosphere Information Analyzer" | 11.5 Search vendor "Ibm" for product "Infosphere Information Analyzer" and version "11.5" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Infosphere Information Analyzer Search vendor "Ibm" for product "Infosphere Information Analyzer" | 11.7 Search vendor "Ibm" for product "Infosphere Information Analyzer" and version "11.7" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Infosphere Information Governance Catalog Search vendor "Ibm" for product "Infosphere Information Governance Catalog" | 11.5 Search vendor "Ibm" for product "Infosphere Information Governance Catalog" and version "11.5" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Infosphere Information Governance Catalog Search vendor "Ibm" for product "Infosphere Information Governance Catalog" | 11.7 Search vendor "Ibm" for product "Infosphere Information Governance Catalog" and version "11.7" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Infosphere Information Server On Cloud Search vendor "Ibm" for product "Infosphere Information Server On Cloud" | 11.5 Search vendor "Ibm" for product "Infosphere Information Server On Cloud" and version "11.5" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Infosphere Information Server On Cloud Search vendor "Ibm" for product "Infosphere Information Server On Cloud" | 11.7 Search vendor "Ibm" for product "Infosphere Information Server On Cloud" and version "11.7" | - |
Affected
| ||||||