Local User Credential Exposure in IBM Publishing Engine
CVE-2017-1787
4.4MEDIUM
Summary
The IBM Publishing Engine versions 2.1.2 and 6.0.5 possess a vulnerability that allows a local user with administrative privileges to expose hard-coded user credentials. This flaw could enable unauthorized access to sensitive information, highlighting the importance of ensuring secure handling of user credentials in administration tools. Implementing security practices such as regular updates and user privilege audits is recommended to mitigate potential risks associated with this vulnerability.
Affected Version(s)
Rational Publishing Engine 2.1.2
Rational Publishing Engine 6.0.5
References
CVSS V3.1
Score:
4.4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved