Information Disclosure Vulnerability in IBM Tivoli Application Dependency Discovery Manager
CVE-2018-1675
6.8MEDIUM
Key Information:
- Vendor
- IBM
- Vendor
- CVE Published:
- 4 February 2019
Summary
The IBM Tivoli Application Dependency Discovery Manager versions 7.2.2 and 7.3 are prone to an information disclosure vulnerability that allows attackers to expose password hashes stored in the system memory. This may occur on target systems configured to utilize TADDM, leading to significant security risks if exploited. Organizations using affected versions should assess their configurations and implement necessary remediation measures to safeguard sensitive information.
Affected Version(s)
Tivoli Application Dependency Discovery Manager 7.2.2
Tivoli Application Dependency Discovery Manager 7.3
References
CVSS V3.1
Score:
6.8
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved