Sensitive Information Disclosure in IBM Cloud App Management
CVE-2018-1990
5.3MEDIUM
Summary
IBM Cloud App Management versions V2018.2.0, V2018.4.0, and V2018.4.1 may allow attackers to access sensitive configuration information through a specially crafted HTTP request. This vulnerability highlights a significant risk to the confidentiality of system configurations, necessitating prompt action by users to secure their applications against potential exploitation.
Affected Version(s)
Cloud App Management V2018.2.0
Cloud App Management V2018.4.0
Cloud App Management V2018.4.1
References
CVSS V3.1
Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved