CVE-2019-4382
First published: Tue Jun 25 2019(Updated: )
IBM API Connect 5.0.0.0 through 5.0.8.6 could allow an unauthorized user to obtain sensitive information about the system users using specially crafted HTTP requests. IBM X-Force ID: 162162.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM API Connect | >=5.0.0.0<=5.0.8.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2019-4382.
What is the severity rating of CVE-2019-4382?
The severity rating of CVE-2019-4382 is medium, with a score of 5.3.
What is the affected software for CVE-2019-4382?
The affected software for CVE-2019-4382 is IBM API Connect versions 5.0.0.0 through 5.0.8.6.
How can an unauthorized user exploit CVE-2019-4382?
An unauthorized user can exploit CVE-2019-4382 by sending specially crafted HTTP requests to obtain sensitive information about the system users.
Are there any available fixes or patches for CVE-2019-4382?
Yes, IBM has released a fix for CVE-2019-4382. Please refer to the IBM support documentation for more details.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/tags
- agent/first-publish-date
- agent/remedy
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/ibm
- canonical/ibm api connect
- version/ibm api connect/5.0.0.0
- version/ibm api connect/5.0.8.6