CVE-2015-7401: Infoleak
First published: Mon Mar 26 2018(Updated: )
IBM Curam Social Program Management 6.1.x before 6.1.1.1 allows remote authenticated users to bypass intended access restrictions and obtain sensitive document information by guessing the document id. IBM X-Force ID: 107106.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Curam Social Program Management | >=6.1.0.0<6.1.1.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this vulnerability?
The vulnerability ID of this vulnerability is CVE-2015-7401.
What is the title of this vulnerability?
The title of this vulnerability is 'IBM Curam Social Program Management 6.1.x before 6.1.1.1 allows remote authenticated users to bypass…'
What is the description of this vulnerability?
The description of this vulnerability is 'IBM Curam Social Program Management 6.1.x before 6.1.1.1 allows remote authenticated users to bypass intended access restrictions and obtain sensitive document information by guessing the document id. IBM X-Force ID: 107106.'
What is the severity rating of this vulnerability?
The severity rating of this vulnerability is medium (4.3).
How can remote authenticated users exploit this vulnerability?
Remote authenticated users can exploit this vulnerability by guessing the document id to bypass intended access restrictions and obtain sensitive document information.
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/tags
- agent/event
- agent/description
- agent/type
- agent/remedy
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/ibm
- canonical/ibm curam social program management
- version/ibm curam social program management/6.1.0.0