CVE-2018-1917

CWE-200Information Exposure4 documents4 sources
Severity
6.5MEDIUM
EPSS
0.3%
top 43.91%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Infosphere Information ServerIBM Infosphere Information Server ON Cloud
Timeline
PublishedApr 2
Latest updateMay 13

Description

IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow an authenticated user to access JSP files and disclose sensitive information. IBM X-Force ID: 152784.

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.1 | Impact: 1.4

Affected Packages3 packages

CVEListV5ibm/infosphere_information_server11.3, 11.5, 11.7+2
NVDibm/infosphere_information_server11.3, 11.5, 11.7+2
NVDibm/infosphere_information11.5, 11.7+1

🔴Vulnerability Details

2
GHSA
GHSA-w82r-m5xw-682j: IBM InfoSphere Information Server 112022-05-13
CVEList
CVE-2018-1917: IBM InfoSphere Information Server 112019-04-02

💬Community

1
Bugzilla
CVE-2018-1000225 cobbler: Persistent XSS vulnerability in cobbler-web2018-08-03
CVE-2018-1917 (MEDIUM CVSS 6.5) | IBM InfoSphere Information Server 1 | cvebase.io