Local File Exposure in IBM Security Privileged Identity Manager Virtual Appliance
CVE-2018-1623
4MEDIUM
Key Information:
- Vendor
- IBM
- Vendor
- CVE Published:
- 2 April 2019
Summary
The IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 has a security vulnerability that allows an attacker to store web pages locally. These stored pages can be accessed by unauthorized users on the same system, potentially exposing sensitive information. This vulnerability affects the integrity and confidentiality of the data processed by the application, making it crucial to apply appropriate mitigations.
Affected Version(s)
Security Privileged Identity Manager 2.1.1
References
CVSS V3.1
Score:
4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved