IBMF62698A5797090F40A28CA8B0550AB86998F5458B9634EB613B40223BE869002Security Bulletin: A vulnerability in IBM InfoSphere Information Server installer could expose sensitive information (CVE-2018-1701)
EPSS
Percentile
39.9%
Summary
IBM InfoSphere Information Server could allow a local user under special circumstances to expose sensitive information during installation.
Vulnerability Details
CVEID: CVE-2018-1701 DESCRIPTION: IBM InfoSphere Information Server could allow a local user under special circumstances to expose sensitive information during installation
CVSS Base Score: 8.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/145970 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H)
Affected Products and Versions
The following products, running on all supported platforms, are affected:
IBM InfoSphere Information Server: version 11.7
IBM InfoSphere Information Server on Cloud: version 11.7
Remediation/Fixes
Product
|
VRMF
|
APAR
|
Remediation/First Fix
—|—|—|—
InfoSphere Information Server, Information Server on Cloud
|
11.7
|
|
--Update to the latest Updater for 11.7
Workarounds and Mitigations
None
Related
EPSS
Percentile
39.9%