Sensitive Information Exposure in IBM Marketing Platform
CVE-2017-1107
4.3MEDIUM
Summary
IBM Marketing Platform versions 9.1.0, 9.1.2, 10.0, and 10.1 expose sensitive information through the HTTP headers. This exposure could be exploited by authenticated attackers to facilitate further attacks against the system, posing a significant risk to user data integrity. To mitigate this risk, organizations should apply the latest patches and review their security configurations.
Affected Version(s)
Marketing Platform 9.1.2
Marketing Platform 10.0
Marketing Platform 9.1.0
References
CVSS V3.1
Score:
4.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved