CVE-2018-1999
IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, and 18.0.0.2 could reveal sensitive version information about the server from error pages that could aid an attacker in further attacks against the system. IBM X-Force ID: 154889.
Published at
2019-04-08T15:29Z
1856 days ago
Modified
2019-10-09T23:39Z
1671 days ago
CWE-200
Problem type
Impact
- CVSS v3 vector string
- CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Severity Score Vector
4.3CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NReferences
URL | Type |
---|---|
www.ibm.com https://www.ibm.com/support/docview.wss?uid=ibm10870502 | CONFIRM |
ibm-bpm-cve20181999-info-disc (154889) https://exchange.xforce.ibmcloud.com/vulnerabilities/154889 | XF |
GET https://vulnerabilitydata.com/api/details/CVE-2018-1999
{ "id": "CVE-2018-1999", "published_date": "2019-04-08T15:29Z", "last_modified_date": "2019-10-09T23:39Z", "assigner": "psirt@us.ibm.com", "description": "IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, and 18.0.0.2 could reveal sensitive version information about the server from error pages that could aid an attacker in further attacks against the system. IBM X-Force ID: 154889.", "references": [ { "url": "https://www.ibm.com/support/docview.wss?uid=ibm10870502", "name": "https://www.ibm.com/support/docview.wss?uid=ibm10870502", "refsource": "CONFIRM", "tags": [ "Patch", "Vendor Advisory" ] }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/154889", "name": "ibm-bpm-cve20181999-info-disc (154889)", "refsource": "XF", "tags": [ "Vendor Advisory", "VDB Entry" ] } ], "impact": { "baseMetricV3": { "cvssV3": { "version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM" }, "exploitabilityScore": 2.8, "impactScore": 1.4 }, "baseMetricV2": { "cvssV2": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "SINGLE", "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 4 }, "severity": "MEDIUM", "exploitabilityScore": 8, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } }, "problem_type": "CWE-200" }