CVE-2018-1705: Infoleak
First published: Tue Aug 28 2018(Updated: )
IBM Platform Symphony 7.1 Fix Pack 1 and 7.1.1 and IBM Spectrum Symphony 7.1.2 and 7.2.0.2 contain an information disclosure vulnerability that could allow an authenticated attacker to obtain highly sensitive information. IBM X-Force ID: 146340.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Platform Symphony | =7.1-fp1 | |
| IBM Platform Symphony | =7.1.1 | |
| IBM Spectrum Symphony | =7.1.2 | |
| IBM Spectrum Symphony | =7.2.0.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this vulnerability?
The vulnerability ID of this vulnerability is CVE-2018-1705.
What is the severity level of CVE-2018-1705?
The severity level of CVE-2018-1705 is medium with a score of 6.5.
What is the affected software for CVE-2018-1705?
The affected software for CVE-2018-1705 includes IBM Platform Symphony versions 7.1 Fix Pack 1 and 7.1.1, and IBM Spectrum Symphony versions 7.1.2 and 7.2.0.2.
What is the impact of CVE-2018-1705?
CVE-2018-1705 can allow an authenticated attacker to obtain highly sensitive information.
How can I fix CVE-2018-1705?
To fix CVE-2018-1705, it is recommended to apply the necessary updates provided by IBM.
- collector/nvd-index
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/ibm
- canonical/ibm platform symphony
- version/ibm platform symphony/7.1-fp1
- version/ibm platform symphony/7.1.1
- canonical/ibm spectrum symphony
- version/ibm spectrum symphony/7.1.2
- version/ibm spectrum symphony/7.2.0.2