Vulnerability Data

by Reconmap

CVE-2018-1999

IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, and 18.0.0.2 could reveal sensitive version information about the server from error pages that could aid an attacker in further attacks against the system. IBM X-Force ID: 154889.

Published at
2019-04-08T15:29Z
1706 days ago
Modified
2019-10-09T23:39Z
1522 days ago
CWE-200
Problem type

Impact

CVSS v3 vector string
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Severity Score Vector

4.3CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

References


URLType
www.ibm.com
https://www.ibm.com/support/docview.wss?uid=ibm10870502		CONFIRM
ibm-bpm-cve20181999-info-disc (154889)
https://exchange.xforce.ibmcloud.com/vulnerabilities/154889		XF

GET https://vulnerabilitydata.com/api/details/CVE-2018-1999

{
	"id": "CVE-2018-1999",
	"published_date": "2019-04-08T15:29Z",
	"last_modified_date": "2019-10-09T23:39Z",
	"assigner": "psirt@us.ibm.com",
	"description": "IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, and 18.0.0.2 could reveal sensitive version information about the server from error pages that could aid an attacker in further attacks against the system. IBM X-Force ID: 154889.",
	"references": [
		{
			"url": "https://www.ibm.com/support/docview.wss?uid=ibm10870502",
			"name": "https://www.ibm.com/support/docview.wss?uid=ibm10870502",
			"refsource": "CONFIRM",
			"tags": [
				"Patch",
				"Vendor Advisory"
			]
		},
		{
			"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/154889",
			"name": "ibm-bpm-cve20181999-info-disc (154889)",
			"refsource": "XF",
			"tags": [
				"Vendor Advisory",
				"VDB Entry"
			]
		}
	],
	"impact": {
		"baseMetricV3": {
			"cvssV3": {
				"version": "3.0",
				"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
				"attackVector": "NETWORK",
				"attackComplexity": "LOW",
				"privilegesRequired": "LOW",
				"userInteraction": "NONE",
				"scope": "UNCHANGED",
				"confidentialityImpact": "LOW",
				"integrityImpact": "NONE",
				"availabilityImpact": "NONE",
				"baseScore": 4.3,
				"baseSeverity": "MEDIUM"
			},
			"exploitabilityScore": 2.8,
			"impactScore": 1.4
		},
		"baseMetricV2": {
			"cvssV2": {
				"version": "2.0",
				"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
				"accessVector": "NETWORK",
				"accessComplexity": "LOW",
				"authentication": "SINGLE",
				"confidentialityImpact": "PARTIAL",
				"integrityImpact": "NONE",
				"availabilityImpact": "NONE",
				"baseScore": 4
			},
			"severity": "MEDIUM",
			"exploitabilityScore": 8,
			"impactScore": 2.9,
			"acInsufInfo": false,
			"obtainAllPrivilege": false,
			"obtainUserPrivilege": false,
			"obtainOtherPrivilege": false,
			"userInteractionRequired": false
		}
	},
	"problem_type": "CWE-200"
}