Local File Read Vulnerability in IBM i2 Enterprise Insight Analysis
CVE-2018-1505
4MEDIUM
Summary
IBM i2 Enterprise Insight Analysis version 2.1.7 contains a vulnerability that allows web pages to be stored locally on the system. This stored data can potentially be accessed by unauthorized users, leading to data exposure. This issue highlights the need for proper access controls and data handling mechanisms within the application to prevent unauthorized access to sensitive information.
Affected Version(s)
i2 Enterprise Insight Analysis 2.1.7
References
CVSS V3.1
Score:
4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved