CVE-2017-1370

CWE-2093 documents3 sources
Severity
4.9MEDIUM
EPSS
0.3%
top 50.83%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Jazz Reporting Service
Timeline
PublishedJul 31
Latest updateMay 13

Description

IBM Jazz Reporting Service (JRS) 5.0 and 6.0 could disclose sensitive information, including user credentials, through an error message from the Report Builder administrator configuration page. IBM X-Force ID: 126863.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 1.2 | Impact: 3.6

Affected Packages2 packages

CVEListV5ibm/jazz_reporting_service8 versions+7
NVDibm/jazz_reporting_service8 versions+7

🔴Vulnerability Details

2
GHSA
GHSA-g4j6-x426-xcj8: IBM Jazz Reporting Service (JRS) 52022-05-13
CVEList
CVE-2017-1370: IBM Jazz Reporting Service (JRS) 52017-07-31
CVE-2017-1370 (MEDIUM CVSS 4.9) | IBM Jazz Reporting Service (JRS) 5. | cvebase.io