CVE-2014-4781Sensitive Information Exposure in IBM Infosphere Biginsights

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.2%
top 54.74%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Infosphere Biginsights
Timeline
PublishedFeb 13
Latest updateMay 17

Description

The alert module in IBM InfoSphere BigInsights 2.1.2 and 3.x before 3.0.0.2 allows remote attackers to obtain sensitive Alert management-services API information via a network-tracing attack.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDibm/infosphere_biginsights2.1.2.0, 3.0.0.0, 3.0.0.1+2

Patches

Patch: www-01.ibm.comPatch: www-01.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-x2rv-w9h9-ch6h: The alert module in IBM InfoSphere BigInsights 22022-05-17
CVEList
CVE-2014-4781: The alert module in IBM InfoSphere BigInsights 22015-02-13
CVE-2014-4781 — Sensitive Information Exposure in IBM | cvebase