Vulnerability Details : CVE-2018-1899
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow an attacker to change one of the settings related to InfoSphere Business Glossary Anywhere due to improper access control. IBM X-Force ID: 152528.
Products affected by CVE-2018-1899
- cpe:2.3:a:ibm:infosphere_information_governance_catalog:11.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:infosphere_information_governance_catalog:11.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:infosphere_information_governance_catalog:11.7:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:infosphere_information_server_on_cloud:11.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:infosphere_information_server_on_cloud:11.7:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-1899
0.05%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 19 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-1899
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
3.3
|
LOW | AV:A/AC:L/Au:N/C:N/I:P/A:N |
6.5
|
2.9
|
NIST | |
4.3
|
MEDIUM | CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
2.8
|
1.4
|
NIST | |
4.3
|
MEDIUM | CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
2.8
|
1.4
|
IBM Corporation |
References for CVE-2018-1899
-
http://www.ibm.com/support/docview.wss?uid=ibm10744029
IBM Security Bulletin: IBM InfoSphere Governance Catalog is affected by an Improper Access Control vulnerabilityVendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/152528
IBM InfoSphere Information Server imrproper access control CVE-2018-1899 Vulnerability ReportVendor Advisory;VDB Entry
Jump to