CVE-2018-1906

3 documents3 sources

Severity

6.5MEDIUM

EPSS

0.3%

top 43.18%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Infosphere Information Server IBM Infosphere Information Server ON Cloud

Timeline

PublishedApr 2

Latest updateMay 13

Description

IBM InfoSphere Information Server 11.3, 11.5, and 11.7could allow an authenticated user to download code using a specially crafted HTTP request. IBM X-Force ID: 152663.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages3 packages

▶CVEListV5ibm/infosphere_information_server11.3, 11.5, 11.7+2

▶NVDibm/infosphere_information_server11.3, 11.5, 11.7+2

▶NVDibm/infosphere_information11.5, 11.7+1

🔴Vulnerability Details

GHSA

GHSA-xrh7-pgx8-p53x: IBM InfoSphere Information Server 11↗2022-05-13

▶

CVEList

CVE-2018-1906: IBM InfoSphere Information Server 11↗2019-04-02

▶