Information Disclosure Vulnerability in IBM OpenPages GRC Platform
CVE-2017-1148

5.3MEDIUM

Key Information:

Vendor
IBM
Status
Openpages Grc Platform
Vendor
CVE Published:
1 November 2017

Summary

The vulnerability present in IBM OpenPages GRC Platform versions 7.2 and 7.3, specifically within the OpenPages Loss Event Entry application, allows an attacker to gain access to sensitive information, including private APIs. This exposure can potentially be leveraged to carry out further malicious attacks on the system, compromising its security integrity. Users of the affected platform are advised to take precautionary measures to safeguard their systems.

Affected Version(s)

OpenPages GRC Platform 7.2

OpenPages GRC Platform 7.3

References

http://www.securityfocus.com/bid/101668
vdb-entryx_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/122201
x_refsource_MISC
http://www.ibm.com/support/docview.wss?uid=swg22009717
x_refsource_CONFIRM

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.