CVE-2017-1355 Information
Feb 14, 2021
cve
Description
IBM Atlas eDiscovery Process Management 6.0.3 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs referrer header or browser history. IBM X-Force ID: 126682.
CVSS Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Reference
http://www.securityfocus.com/bid/102016 https://exchange.xforce.ibmcloud.com/vulnerabilities/126682 https://www.ibm.com/support/docview.wss?uid=swg22005836
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
LOW
Availability Impact
NONE
Base Score
NONE
Base Severity
3.7
Share on: