Sensitive Information Disclosure in IBM Cloud App Management
CVE-2018-1990

5.3MEDIUM

Key Information:

Vendor

IBM
Status
Cloud App Management
Vendor
CVE Published:
10 May 2019

What is CVE-2018-1990?

IBM Cloud App Management versions V2018.2.0, V2018.4.0, and V2018.4.1 may allow attackers to access sensitive configuration information through a specially crafted HTTP request. This vulnerability highlights a significant risk to the confidentiality of system configurations, necessitating prompt action by users to secure their applications against potential exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Cloud App Management V2018.2.0

Cloud App Management V2018.4.0

Cloud App Management V2018.4.1

References

https://www.ibm.com/support/docview.wss?uid=ibm10883350
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/154283
vdb-entryx_refsource_XF
http://www.securityfocus.com/bid/108327
vdb-entryx_refsource_BID

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.