Sensitive Data Transmission Issue in IBM BigFix Platform
CVE-2018-1600
8.6HIGH
Summary
The IBM BigFix Platform versions 9.2 and 9.5 are susceptible to a vulnerability that allows the transmission of sensitive or security-critical data in an unsecured format, making it accessible to unauthorized actors through network sniffing. This flaw poses significant risks to data confidentiality and integrity, especially in environments where secured communications are paramount. Organizations using these versions should take immediate action to ensure secure data transmission.
Affected Version(s)
BigFix Platform 9.2
BigFix Platform 9.5
References
CVSS V3.1
Score:
8.6
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved