CVE-2019-4119

Summary

IBM Cloud Private Kubernetes API server 2.1.0, 3.1.0, 3.1.1, and 3.1.2 can be used as an HTTP proxy to not only cluster internal but also external target IP addresses. IBM X-Force ID: 158145.

Affected Software

VendorProductVersion RangeStatus
IBMCloud Private2.1.0affected
IBMCloud Private3.1.0affected
IBMCloud Private3.1.1affected
IBMCloud Private3.1.2affected

Weaknesses

  • Other

ADP Enrichment

CVE Program Container

Additional References

References