CVE-2018-1987

EUVD-2018-12566
IBM Spectrum Protect for Enterprise Resource Planning 7.1 and 8.1, if tracing is activated, the IBM Spectrum Protect node password may be displayed in plain text in the ERP trace file. IBM X-Force ID: 154280.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
ibmCNA
5.1 MEDIUM
LOCAL
HIGH
NONE
CVSS:3.0/PR:N/S:U/AC:H/I:N/AV:L/UI:N/C:H/A:N/E:U/RL:O/RC:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 12%
Affected Products (NVD)
VendorProductVersion
ibmdata_protection
7.1.3.0 ≤
𝑥
≤ 7.1.3.1
ibmdata_protection
7.1.3.0 ≤
𝑥
≤ 7.1.3.1
ibmdata_protection
7.1.3.0 ≤
𝑥
≤ 7.1.3.1
ibmdata_protection
8.1.0.0 ≤
𝑥
≤ 8.1.4.0
ibmdata_protection
8.1.0.0 ≤
𝑥
≤ 8.1.4.0
ibmdata_protection
8.1.0.0 ≤
𝑥
≤ 8.1.6.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.ibm.com/support/docview.wss?uid=ibm10883782
https://exchange.xforce.ibmcloud.com/vulnerabilities/154280
http://www.ibm.com/support/docview.wss?uid=ibm10883782
https://exchange.xforce.ibmcloud.com/vulnerabilities/154280