Remote Information Disclosure in IBM Analytics Content Hub by IBM
CVE-2024-35134

5.3MEDIUM

Key Information:

Vendor: IBM
Status: Analytics Content Hub
Vendor: CVE Published:; 25 January 2025

Summary

A vulnerability in IBM Analytics Content Hub 2.0 allows remote attackers to gain access to sensitive information through detailed technical error messages displayed in the browser. This information can potentially be leveraged for subsequent attacks, posing a significant risk to the integrity and confidentiality of the system. Organizations using this product should be vigilant and take necessary measures to mitigate this security issue.

Affected Version(s)

Analytics Content Hub 2.0

References

https://www.ibm.com/support/pages/node/7172787

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 25, 2025
Vulnerability Reserved
May 9, 2024