Information Disclosure Risk in IBM Atlas eDiscovery Process Management
CVE-2017-1353

3.5LOW

Key Information:

Vendor: IBM
Status: Atlas Ediscovery Process Management
Vendor: CVE Published:; 7 December 2017

Summary

IBM Atlas eDiscovery Process Management version 6.0.3 contains a vulnerability that may reveal sensitive information to authenticated attackers. This can occur when a user inadvertently clicks on malicious third-party links, leading to unintended data exposure. Ensuring user education and implementing security measures can mitigate the risk associated with this vulnerability.

Affected Version(s)

Atlas eDiscovery Process Management 6.0.3

Atlas eDiscovery Process Management 6.0.3.2

Atlas eDiscovery Process Management 6.0.3.3

References

https://www.ibm.com/support/docview.wss?uid=swg22005827

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/126680

x_refsource_MISC

CVSS V3.1

Score:

3.5

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Dec 7, 2017
Vulnerability Reserved
Nov 30, 2016