CVE-2019-4239

IBM MQ Advanced Cloud Pak (IBM Cloud Private 1.0.0 through 3.0.1) stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 159465.

Published : 2019-06-14 15:29 Updated : 2019-10-09 23:50

2.1
CVSS Score More info
Score 2.1 / 10
2.1
Vendor Product Version URI
Ibm Cloud Private 1.0.0 cpe:/a:ibm:cloud_private:1.0.0
Ibm Cloud Private 1.1.0 cpe:/a:ibm:cloud_private:1.1.0
Ibm Cloud Private 1.2.0 cpe:/a:ibm:cloud_private:1.2.0
Ibm Cloud Private 1.3.0 cpe:/a:ibm:cloud_private:1.3.0
Ibm Cloud Private 2.0.0 cpe:/a:ibm:cloud_private:2.0.0
Ibm Cloud Private 2.1.0 cpe:/a:ibm:cloud_private:2.1.0
Ibm Cloud Private 2.1.0.1 cpe:/a:ibm:cloud_private:2.1.0.1
Ibm Cloud Private 2.1.0.2 cpe:/a:ibm:cloud_private:2.1.0.2
Ibm Cloud Private 2.1.0.3 cpe:/a:ibm:cloud_private:2.1.0.3
Ibm Cloud Private 2.2.1 cpe:/a:ibm:cloud_private:2.2.1
Ibm Cloud Private 2.2.2 cpe:/a:ibm:cloud_private:2.2.2
Ibm Cloud Private 2.2.3 cpe:/a:ibm:cloud_private:2.2.3
Ibm Cloud Private 2.3.1 cpe:/a:ibm:cloud_private:2.3.1
Ibm Cloud Private 2.3.2 cpe:/a:ibm:cloud_private:2.3.2
Ibm Cloud Private 3.0.0 cpe:/a:ibm:cloud_private:3.0.0
Ibm Cloud Private 3.0.1 cpe:/a:ibm:cloud_private:3.0.1
  1. Ibm (1) Search CVE
    1. Cloud Private (16) Search CVE
      1. 1.0.0
      2. 1.1.0
      3. 1.2.0
      4. 1.3.0
      5. 2.0.0
      6. 2.1.0
      7. 2.1.0.1
      8. 2.1.0.2
      9. 2.1.0.3
      10. 2.2.1
      11. 2.2.2
      12. 2.2.3
      13. 2.3.1
      14. 2.3.2
      15. 3.0.0
      16. 3.0.1

CWE

ID Name Description Links
CWE-255 Credentials Management Weaknesses in this category are related to the management of credentials. CVE

History of changes

Date Event
2019-10-09 23:50
2019-06-17 12:59
2019-06-14 15:29

New CVE