CVE-2019-4119

Published: May 17, 2019Modified: Jun 17, 2026

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

IBM Cloud Private Kubernetes API server 2.1.0, 3.1.0, 3.1.1, and 3.1.2 can be used as an HTTP proxy to not only cluster internal but also external target IP addresses. IBM X-Force ID: 158145.

Affected (4)

Products: Ibm: Cloud Private

Ibm

1 product

Cloud Private

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Ibm Cloud Private	From 2.1.0.0 to 2.1.0.3
Ibm Cloud Private	Version 3.1.0
Ibm Cloud Private	Version 3.1.1
Ibm Cloud Private	Version 3.1.2

References (4)

http://www.ibm.com/support/docview.wss?uid=ibm10878460

Source: psirt@us.ibm.com

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/158145

Source: psirt@us.ibm.com

VDB EntryVendor Advisory

http://www.ibm.com/support/docview.wss?uid=ibm10878460

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/158145

Source: af854a3a-2127-422b-91ae-364da2661108

VDB EntryVendor Advisory

Timeline

No history available yet.