Information Disclosure Vulnerability in IBM BigFix Platform
CVE-2018-1476

5.3MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
12 December 2018

Summary

An identified information disclosure issue in IBM BigFix Platform versions 9.2.0 to 9.2.14 and 9.5 to 9.5.9 exposes sensitive data to unauthorized users. This vulnerability allows attackers to access confidential information, which could lead to further exploits against the system. Users and administrators are advised to apply the necessary patches and follow security best practices to mitigate the risks associated with this vulnerability. To learn more, refer to the official IBM support documentation and the IBM X-Force vulnerability database.

Affected Version(s)

BigFix Platform 9.5.9

BigFix Platform 9.2.0

BigFix Platform 9.2.14

References

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.