Local File Read Vulnerability in IBM i2 Enterprise Insight Analysis
CVE-2018-1505

4MEDIUM

Key Information:

Vendor
IBM
Status
I2 Enterprise Insight Analysis
Vendor
CVE Published:
6 December 2018

Summary

IBM i2 Enterprise Insight Analysis version 2.1.7 contains a vulnerability that allows web pages to be stored locally on the system. This stored data can potentially be accessed by unauthorized users, leading to data exposure. This issue highlights the need for proper access controls and data handling mechanisms within the application to prevent unauthorized access to sensitive information.

Affected Version(s)

i2 Enterprise Insight Analysis 2.1.7

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/141413
vdb-entryx_refsource_XF
https://www.ibm.com/support/docview.wss?uid=ibm10738699
x_refsource_CONFIRM

CVSS V3.1

Score:
4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.