Information Disclosure Vulnerability in IBM Jazz Reporting Service
CVE-2017-1340
5MEDIUM
Summary
An issue exists in IBM Jazz Reporting Service (JRS) 6.0.4 that could allow an authenticated user to gain unauthorized access to information obtained from another server that interacts with the current report builder. This vulnerability could potentially expose sensitive data, highlighting the importance of securing user access controls and monitoring interactions between servers.
Affected Version(s)
Jazz Reporting Service 6.0.4
References
CVSS V3.1
Score:
5
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved