Information Disclosure Vulnerability in IBM Jazz Reporting Service
CVE-2017-1340

5MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
1 November 2017

Summary

An issue exists in IBM Jazz Reporting Service (JRS) 6.0.4 that could allow an authenticated user to gain unauthorized access to information obtained from another server that interacts with the current report builder. This vulnerability could potentially expose sensitive data, highlighting the importance of securing user access controls and monitoring interactions between servers.

Affected Version(s)

Jazz Reporting Service 6.0.4

References

CVSS V3.1

Score:
5
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.