CVE-2018-1886: Infoleak
First published: Thu Dec 13 2018(Updated: )
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 152021.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Security Access Manager | >=9.0.1.0<=9.0.5.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-1886?
CVE-2018-1886 is a vulnerability in IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 that allows unauthorized users to access sensitive information.
How severe is CVE-2018-1886?
CVE-2018-1886 has a severity rating of 5.3, which is considered medium.
How does CVE-2018-1886 affect IBM Security Access Manager?
CVE-2018-1886 exposes sensitive information, which can be used by attackers to launch further attacks on IBM Security Access Manager.
What is the Common Weakness Enumeration (CWE) number associated with CVE-2018-1886?
CVE-2018-1886 is associated with CWE-200, which is the classification for information exposure.
How can I fix CVE-2018-1886?
To fix CVE-2018-1886, you should apply the necessary updates or patches provided by IBM to address the vulnerability.
- collector/nvd-index
- agent/type
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/tags
- agent/description
- agent/event
- agent/last-modified-date
- agent/remedy
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/ibm
- canonical/ibm security access manager
- version/ibm security access manager/9.0.1.0
- version/ibm security access manager/9.0.5.0