Information Disclosure in IBM Campaign Affects Multiple Versions
CVE-2017-1116
4.3MEDIUM
Summary
IBM Campaign versions 8.6, 9.0, and 9.1 (including updates) contain a vulnerability that exposes excessive details on the client side. This exposure presents an opportunity for authenticated users to gain insights that can be leveraged for conducting further attacks. As a result, user confidentiality could be compromised, making it critical for organizations utilizing these versions to evaluate their security practices and implement necessary safeguards.
Affected Version(s)
Campaign 8.6
Campaign 9.0
Campaign 9.1
References
CVSS V3.1
Score:
4.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved