CVE-2019-4067

HIGH

IBM IOC <5.2.0 - Info Disclosure

Title source: llm

Description

IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 157012.

References (2)

[Vendor Advisory] https://www.ibm.com/support/docview.wss?uid=ibm10880213

[VDB Entry, Vendor Advisory] https://exchange.xforce.ibmcloud.com/vulnerabilities/157012

Scores

CVSS v3 7.5

EPSS 0.0021

EPSS Percentile 42.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-521

Status published

Products (3)

ibm/intelligent_operations_center 5.1.0 - 5.2.0

ibm/intelligent_operations_center_for_emergency_management 5.1.0 - 5.1.0.6

ibm/water_operations_for_waternamics 5.1.0 - 5.2.1.1

Published Jun 07, 2019

Tracked Since Feb 18, 2026