CVE-2019-4047

Опубликовано: 29 апр. 2019

Источник: nvd

CVSS3: 4.3

CVSS2: 4

EPSS Низкий

Описание

IBM Jazz Reporting Service (JRS) 6.0.6 could allow an authenticated user to access the execution log files as a guest user, and obtain the information of the server execution. IBM X-Force ID: 156243.

Ссылки

http://www.securityfocus.com/bid/108103
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/156243
VDB Entry
Vendor Advisory
https://www.ibm.com/support/docview.wss?uid=ibm10882262
Vendor Advisory
http://www.securityfocus.com/bid/108103
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/156243
VDB Entry
Vendor Advisory
https://www.ibm.com/support/docview.wss?uid=ibm10882262
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ibm:jazz_reporting_service:6.0.6:*:*:*:*:*:*:*

EPSS

Процентиль: 64%

0.00467

Низкий

4.3 Medium

CVSS3

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-269

Связанные уязвимости

GHSA-f8vv-7qp7-jr92

CVSS3: 4.3

github

больше 3 лет назад

IBM Jazz Reporting Service (JRS) 6.0.6 could allow an authenticated user to access the execution log files as a guest user, and obtain the information of the server execution. IBM X-Force ID: 156243.

EPSS

Процентиль: 64%

0.00467

Низкий

4.3 Medium

CVSS3

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-269