CVE-2018-1362

EUVD-2018-11941
IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, and 7.0.1 within Citizen Portal could allow an authenticated user to withdraw other user's submitted applications from the system and possibly obtain privileges. IBM X-Force ID: 137380.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 MEDIUM
NETWORK
HIGH
LOW
CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 48%
Affected Products (NVD)
VendorProductVersion
ibmcuram_social_program_management
6.0.5
ibmcuram_social_program_management
6.1.1.0
ibmcuram_social_program_management
6.2.0.0
ibmcuram_social_program_management
7.0.1
𝑥
= Vulnerable software versions
References
http://www.ibm.com/support/docview.wss?uid=swg22012528
https://exchange.xforce.ibmcloud.com/vulnerabilities/137380
http://www.ibm.com/support/docview.wss?uid=swg22012528
https://exchange.xforce.ibmcloud.com/vulnerabilities/137380