Local File Exposure in IBM Security Privileged Identity Manager Virtual Appliance
CVE-2018-1623

4MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
2 April 2019

Summary

The IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 has a security vulnerability that allows an attacker to store web pages locally. These stored pages can be accessed by unauthorized users on the same system, potentially exposing sensitive information. This vulnerability affects the integrity and confidentiality of the data processed by the application, making it crucial to apply appropriate mitigations.

Affected Version(s)

Security Privileged Identity Manager 2.1.1

References

CVSS V3.1

Score:
4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.