exploitDog

CVE-2017-1490

Опубликовано: 14 сент. 2017

Источник: nvd

CVSS3: 5.3

CVSS2: 3.5

EPSS Низкий

Описание

An unspecified vulnerability in the Lifecycle Query Engine of Jazz Reporting Service 6.0 through 6.0.4 could disclose highly sensitive information.

Ссылки

http://www.ibm.com/support/docview.wss?uid=swg22008253
Patch
Vendor Advisory
http://www.securityfocus.com/bid/100835
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/128688
Vendor Advisory
http://www.ibm.com/support/docview.wss?uid=swg22008253
Patch
Vendor Advisory
http://www.securityfocus.com/bid/100835
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/128688
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:jazz_reporting_service:6.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_reporting_service:6.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_reporting_service:6.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_reporting_service:6.0.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_reporting_service:6.0.4:*:*:*:*:*:*:*

EPSS

Процентиль: 51%

0.00285

Низкий

5.3 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-3wx4-x6c7-9xm5

CVSS3: 5.3

github

больше 3 лет назад

An unspecified vulnerability in the Lifecycle Query Engine of Jazz Reporting Service 6.0 through 6.0.4 could disclose highly sensitive information.

EPSS

Процентиль: 51%

0.00285

Низкий

5.3 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-200