CVE-2019-4465: Medium severity ibm cloud pak system vulnerability

Q: What is CVE-2019-4465?

CVE-2019-4465 is a vulnerability in IBM Cloud Pak System 2.3 and 2.3.0.1 that allows web pages to be stored locally and read by another user on the system.

Q: What is the severity of CVE-2019-4465?

The severity of CVE-2019-4465 is medium with a severity value of 4.

Q: How does CVE-2019-4465 affect IBM Cloud Pak System?

CVE-2019-4465 affects IBM Cloud Pak System versions 2.2.5 - 2.2.6 and 2.3, 2.3.0.1.

Q: How can I fix CVE-2019-4465 in IBM Cloud Pak System?

To fix CVE-2019-4465 in IBM Cloud Pak System, you should apply the necessary security patches provided by IBM.

Q: What is the CWE ID for CVE-2019-4465?

The CWE ID for CVE-2019-4465 is 269.

Published Dec 2, 2019

Updated

IBM Cloud Pak System 2.3 and 2.3.0.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 163774.

Other sources

IBM Platform System Manager in Cloud Pak System allows web pages to be stored locally which can be read by another user on the system.

— IBM

Affected Software

4 affected components

IBM Cloud Pak System=2.3

IBM Cloud Pak System=2.3.0.1

IBM Cloud Pak System<=2.2.5 - 2.2.6

IBM Cloud Pak System<=2.3, 2.3.0.1

Remediation

Patch Available

https://www.ibm.com/support/pages/node/1118487

Event History

Dec 2, 2019

CVE Published

via IBM·12:00 AM

Dec 3, 2019

CVE Published

via MITRE·02:55 PM

Data Sourced

via MITRE·02:55 PM

DescriptionSeverityWeakness

Parent advisories

This vulnerability appears in the following advisories.

IBM-1118487

Frequently Asked Questions

What is CVE-2019-4465?

CVE-2019-4465 is a vulnerability in IBM Cloud Pak System 2.3 and 2.3.0.1 that allows web pages to be stored locally and read by another user on the system.

What is the severity of CVE-2019-4465?