CVE-2018-1899

EUVD-2018-12478
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow an attacker to change one of the settings related to InfoSphere Business Glossary Anywhere due to improper access control. IBM X-Force ID: 152528.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 MEDIUM
ADJACENT_NETWORK
LOW
NONE
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
ibmCNA
4.3 MEDIUM
ADJACENT_NETWORK
LOW
NONE
CVSS:3.0/A:N/AC:L/AV:A/C:N/I:L/PR:N/S:U/UI:N/E:U/RC:C/RL:O
Base Score
CVSS 3.x
EPSS Score
Percentile: 23%
Affected Products (NVD)
VendorProductVersion
ibminfosphere_information_governance_catalog
11.3
ibminfosphere_information_governance_catalog
11.5
ibminfosphere_information_governance_catalog
11.7
ibminfosphere_information_server_on_cloud
11.5
ibminfosphere_information_server_on_cloud
11.7
𝑥
= Vulnerable software versions
References
http://www.ibm.com/support/docview.wss?uid=ibm10744029
https://exchange.xforce.ibmcloud.com/vulnerabilities/152528
http://www.ibm.com/support/docview.wss?uid=ibm10744029
https://exchange.xforce.ibmcloud.com/vulnerabilities/152528