Sensitive Information Disclosure in IBM Insights Foundation for Energy
CVE-2017-1141

4.3MEDIUM

Key Information:

Vendor: IBM
Status: IBM Insights Foundation For Energy
Vendor: CVE Published:; 28 April 2017

Summary

IBM Insights Foundation for Energy versions 1.0, 1.5, and 1.6 allow authenticated users to exploit a vulnerability that discloses sensitive information through error messages. This flaw could potentially compromise security and lead to unauthorized access to information that should remain confidential. Organizations using these versions are advised to apply necessary patches and implement proper security measures to mitigate risks associated with this vulnerability.

Affected Version(s)

IBM Insights Foundation for Energy 1.0, 1.5, 1.6

References

http://www.ibm.com/support/docview.wss?uid=swg22002620

x_refsource_CONFIRM

http://www.securityfocus.com/bid/98161

vdb-entryx_refsource_BID

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 28, 2017
Vulnerability Reserved
Nov 30, 2016