Sensitive Information Exposure in IBM Marketing Platform
CVE-2017-1107

4.3MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
19 June 2019

Summary

IBM Marketing Platform versions 9.1.0, 9.1.2, 10.0, and 10.1 expose sensitive information through the HTTP headers. This exposure could be exploited by authenticated attackers to facilitate further attacks against the system, posing a significant risk to user data integrity. To mitigate this risk, organizations should apply the latest patches and review their security configurations.

Affected Version(s)

Marketing Platform 9.1.2

Marketing Platform 10.0

Marketing Platform 9.1.0

References

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.