Information Disclosure Vulnerability in IBM WebSphere Application Server Liberty
CVE-2018-1553
5.3MEDIUM
Key Information:
- Vendor
- IBM
- Vendor
- CVE Published:
- 27 June 2018
Summary
An information disclosure vulnerability exists in IBM WebSphere Application Server Liberty prior to version 18.0.0.2. This issue arises from improper exception handling in the SAML Web Single Sign-On (SSO) feature, potentially allowing a remote attacker to access sensitive information. It's crucial for users to upgrade to the latest version to mitigate this risk.
Affected Version(s)
IBM WebSphere Application Server Liberty = unspecified
References
CVSS V3.1
Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved