CVE-2019-4119 LOW

CVE-2019-4119

Vendor Ibm
Product Cloud Private
Published May 17, 2019
Last update September 16, 2024

CVSS base score

3.1/10
Attack vector Network
Attack complexity High
Privileges required Low
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.0/S:U/A:N/AC:H/I:L/C:N/AV:N/UI:N/PR:L/E:U/RC:C/RL:O

What the vulnerability does

01Description

IBM Cloud Private Kubernetes API server 2.1.0, 3.1.0, 3.1.1, and 3.1.2 can be used as an HTTP proxy to not only cluster internal but also external target IP addresses. IBM X-Force ID: 158145.

Key dates

02Disclosure timeline

May 17, 2019 CVE published
September 16, 2024 Record updated