Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM858153D3F4A4AC376BAE528280D5647390493525547ECE641243F944268D0596
HistoryJan 28, 2021 - 6:05 p.m.

Security Bulletin: Daeja ViewONE Virtual may expose internal IP addresses (CVE-2019-4246)

2021-01-2818:05:24
www.ibm.com
4
ibm daeja viewone
virtual
cve-2019-4246
security vulnerability
fix
ifix
version 5.0.6
version 5.0.5

EPSS

0.001

Percentile

27.9%

JSON

Summary

During certain operation Daeja ViewONE transmits the internal IP address to the client.

Vulnerability Details

CVEID: CVE-2019-4246 DESCRIPTION: IBM Daeja ViewONE Professional, Standard & Virtual could expose internal parameters to ViewONE clients that could be used in further attacks against the system.
CVSS Base Score: 3.7
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/159521&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)

Affected Products and Versions

Daeja ViewONE Virtual 5.0 - 5.0.6

Remediation/Fixes

Fixes for the vulnerability are included in Daeja ViewONE Virtual 5.0.6 iFix 4 and Daeja ViewONE Virtual and Daeja ViewONE Virtual 5.0.5 iFix15

Workarounds and Mitigations

None

Related

cve 1
cvelist 1
prion 1
nvd 1
cve
cve
CVE-2019-4246
2019-10-01 15:15:11
cvelist
cvelist
CVE-2019-4246
2019-10-01 14:30:23
prion
prion
Code injection
2019-10-01 15:15:00
nvd
nvd
CVE-2019-4246
2019-10-01 15:15:11

EPSS

0.001

Percentile

27.9%

JSON
Related for 858153D3F4A4AC376BAE528280D5647390493525547ECE641243F944268D0596
cve1cvelist1prion1nvd1