CVE-2017-1490

CWE-200Information Exposure3 documents3 sources
Severity
5.3MEDIUM
EPSS
0.3%
top 48.12%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Jazz Reporting Service
Timeline
PublishedSep 14
Latest updateMay 17

Description

An unspecified vulnerability in the Lifecycle Query Engine of Jazz Reporting Service 6.0 through 6.0.4 could disclose highly sensitive information.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.6 | Impact: 3.6

Affected Packages2 packages

CVEListV5ibm/jazz_reporting_service5 versions+4
NVDibm/jazz_reporting_service5 versions+4

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-3wx4-x6c7-9xm5: An unspecified vulnerability in the Lifecycle Query Engine of Jazz Reporting Service 62022-05-17
CVEList
CVE-2017-1490: An unspecified vulnerability in the Lifecycle Query Engine of Jazz Reporting Service 62017-09-14
CVE-2017-1490 (MEDIUM CVSS 5.3) | An unspecified vulnerability in the | cvebase.io