CVE-2017-1490

5.3MEDIUM

Key Information:

Vendor
IBM
Status
Jazz Reporting Service
Vendor
CVE Published:
14 September 2017

Summary

An unspecified vulnerability in the Lifecycle Query Engine of Jazz Reporting Service 6.0 through 6.0.4 could disclose highly sensitive information.

Affected Version(s)

Jazz Reporting Service 6.0

Jazz Reporting Service 6.0.1

Jazz Reporting Service 6.0.2

References

http://www.ibm.com/support/docview.wss?uid=swg22008253
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/128688
x_refsource_MISC
http://www.securityfocus.com/bid/100835
vdb-entryx_refsource_BID

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.