Information Disclosure Vulnerability in IBM Insights Foundation for Energy
CVE-2017-1342

4.3MEDIUM

Key Information:

Vendor: IBM
Status: Insights Foundation For Energy
Vendor: CVE Published:; 7 December 2017

Summary

IBM Insights Foundation for Energy version 2.0 contains a vulnerability that may allow authenticated users to gain access to sensitive information disclosed in error messages. This information could potentially be leveraged for further attacks, raising concerns about the security and integrity of user data within the application.

Affected Version(s)

Insights Foundation for Energy 2.0

References

http://www.ibm.com/support/docview.wss?uid=swg22009039

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/126457

x_refsource_MISC

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 7, 2017
Vulnerability Reserved
Nov 30, 2016