Data Exposure Vulnerability in IBM Cloud Private
CVE-2018-1938

4.4MEDIUM

Key Information:

Vendor: IBM
Status: Cloud Private
Vendor: CVE Published:; 5 March 2019

🔔 Create IBM Vulnerability Alert

What is CVE-2018-1938?

A vulnerability in IBM Cloud Private 3.1.1 allows local users with administrator privileges to intercept sensitive unencrypted data. This exposure can lead to unauthorized access and compromise critical information, affecting the integrity and confidentiality of the data managed by the cloud platform.

Affected Version(s)

Cloud Private 3.1.1

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/153318

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/107299

vdb-entryx_refsource_BID

https://www.ibm.com/support/docview.wss?uid=ibm10871770

x_refsource_CONFIRM

CVSS V3.1

Score:

4.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 5, 2019
Vulnerability Reserved
Dec 13, 2017

.