CVE-2019-4119
3.1
CVSS:3.0/S:U/A:N/AC:H/I:L/C:N/AV:N/UI:N/PR:L/E:U/RC:C/RL:O
Summary
IBM Cloud Private Kubernetes API server 2.1.0, 3.1.0, 3.1.1, and 3.1.2 can be used as an HTTP proxy to not only cluster internal but also external target IP addresses. IBM X-Force ID: 158145.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IBM | Cloud Private | 2.1.0 | affected |
| IBM | Cloud Private | 3.1.0 | affected |
| IBM | Cloud Private | 3.1.1 | affected |
| IBM | Cloud Private | 3.1.2 | affected |
Weaknesses
- Other
ADP Enrichment
CVE Program Container
Additional References
- http://www.ibm.com/support/docview.wss?uid=ibm10878460
- https://exchange.xforce.ibmcloud.com/vulnerabilities/158145
References
- http://www.ibm.com/support/docview.wss?uid=ibm10878460
- https://exchange.xforce.ibmcloud.com/vulnerabilities/158145
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.