CVE-2018-1606 Information

Description

IBM Jazz based applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6 IBM Rational DOORS Next Generation 5.0 through 5.02 and 6.0 through 6.0.6 IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6 IBM Rational Quality Manager 5.0 through 5.02 and 6.0 through 6.0.6 IBM Rational Rhapsody Design Manager 5.0 through 5.02 and 6.0 through 6.0.6 IBM Rational Software Architect Design Manager 5.0 through 5.02 and 6.0 through 6.0.1 IBM Rational Team Concert 5.0 through 5.02 and 6.0 through 6.0.6) could allow an authenticated user to obtain sensitive information from an error message that could be used in further attacks against the system. IBM X-Force ID: 143796.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Reference

http://www.ibm.com/support/docview.wss?uid=ibm10738301 https://exchange.xforce.ibmcloud.com/vulnerabilities/143796

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

LOW

Availability Impact

NONE

Base Score

NONE

Base Severity

4.3