Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM1818C800AEEB611D9DBDE7D8069148C0394A2A790EF7FE362ABDE9D780EBF890
HistoryJul 05, 2019 - 8:25 a.m.

Security Bulletin: IBM Jazz for Service Management stores sensitive information in URL parameters (CVE-2019-4193)

2019-07-0508:25:02
www.ibm.com
4

0.002 Low

EPSS

Percentile

59.4%

JSON

Summary

IBM Jazz for Service Management stores sensitive information in URL parameters

Vulnerability Details

CVEID: CVE-2019-4193 DESCRIPTION: IBM Jazz for Service Management stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history.
CVSS Base Score: 5.9
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/159032&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)

Affected Products and Versions

Jazz for Service Management version 1.1.3 - 1.1.3.2

Remediation/Fixes

Affected JazzSM Version Recommended Fix.
Jazz for Service Management version 1.1.3 - 1.1.3.2 Install 1.1.3-TIV-JazzSM-multi-FP003

Workarounds and Mitigations

Please refer Read-me available as part of 1.1.3-TIV-JazzSM-multi-FP003

CPENameOperatorVersion
jazz for service managementeqany

Related

cvelist 1
prion 1
nvd 1
cve 1
cvelist
cvelist
CVE-2019-4193
2019-07-05 00:00:00
prion
prion
Information disclosure
2019-07-11 20:15:00
nvd
nvd
CVE-2019-4193
2019-07-11 20:15:13
cve
cve
CVE-2019-4193
2019-07-11 20:15:13

0.002 Low

EPSS

Percentile

59.4%

JSON
Related for 1818C800AEEB611D9DBDE7D8069148C0394A2A790EF7FE362ABDE9D780EBF890
cvelist1prion1nvd1cve1