Information Disclosure Vulnerability in IBM BigFix Platform
CVE-2018-1476

5.3MEDIUM

Key Information:

Vendor: IBM
Status: Bigfix Platform
Vendor: CVE Published:; 12 December 2018

Summary

An identified information disclosure issue in IBM BigFix Platform versions 9.2.0 to 9.2.14 and 9.5 to 9.5.9 exposes sensitive data to unauthorized users. This vulnerability allows attackers to access confidential information, which could lead to further exploits against the system. Users and administrators are advised to apply the necessary patches and follow security best practices to mitigate the risks associated with this vulnerability. To learn more, refer to the official IBM support documentation and the IBM X-Force vulnerability database.

Affected Version(s)

BigFix Platform 9.5.9

BigFix Platform 9.2.0

BigFix Platform 9.2.14

References

https://www.ibm.com/support/docview.wss?uid=ibm10733605

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/140757

vdb-entryx_refsource_XF

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 12, 2018
Vulnerability Reserved
Dec 13, 2017