Medium Severity

IBM Security Bulletin: Information disclosure in WebSphere Application Server Admin Console in IBM Cloud (CVE-2019-4269)

Share this post:

There is an information disclosure in the Admin Console of WebSphere Application Server.

CVE(s): CVE-2019-4269

Affected product(s) and affected version(s):

This vulnerability affect the following versions and releases of WebSphere Application Server and bundling products.

  • Version 9.0

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10960159
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/160202

More stories

IBM Security Bulletin: Multiple vulnerabilities in IBM HTTP Server used by WebSphere Application Server

Sep 19, 2019 9:02 am EDT | Medium Severity

There are multiple vulnerabilities in the IBM HTTP Server used by WebSphere Application Server. CVE(s): CVE-2018-20843, CVE-2019-10092, CVE-2019-10098 Affected product(s) and affected version(s): This vulnerability affects the following version and release of IBM HTTP Server (powered by Apache) component in all editions of WebSphere Application Server and bundling products. Version 9.0 Version 8.5 Version 8.0 ...read more


IBM Security Bulletin: IBM Security Key Lifecycle Manager uses Weak password policy (CVE-2019-4565)

Sep 18, 2019 9:02 am EDT | Medium Severity

IBM Security Key Lifecycle Manager does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. CVE(s): CVE-2019-4565 Affected product(s) and affected version(s): Principal Product and Version(s) IBM Security Key Lifecycle Manager (SKLM) v3.0 – v3.0.0.2 on distributed platforms IBM Security Key Lifecycle Manager (SKLM) ...read more


IBM Security Bulletin: Path Traversal exposure in the Save/Export function of the FTM OAC

Sep 17, 2019 9:00 am EDT | Medium Severity

The “Save/Export” function available on all search result displays (tabulated results) is potentially vulnerable to a Path Traversal type attack. CVE(s): CVE-2018-1847 Affected product(s) and affected version(s): Principal Product and Version(s) Financial Transaction Manager for MP v2.0.0.0 through 2.0.0.5 Financial Transaction Manager for MP v2.1.0.0 through 2.1.0.4 Financial Transaction Manager for MP v2.1.1.0 through 2.1.1.4 ...read more