CVE-2018-2005

3.3LOW

Key Information:

Vendor: IBM
Status: Bigfix Platform
Vendor: CVE Published:; 16 May 2019

Summary

IBM BigFix Platform 9.2 and 9.5 stores potentially sensitive information in process memory that could be read by a local attacker with elevated permissions. IBM X-Force ID: 155007

Affected Version(s)

BigFix Platform 9.2

BigFix Platform 9.5

References

https://www.ibm.com/support/docview.wss?uid=ibm10881996

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/155007

vdb-entryx_refsource_XF

CVSS V3.1

Score:

3.3

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 16, 2019
Vulnerability Reserved
Dec 13, 2017