First published: Mon Apr 29 2019(Updated: )
IBM Jazz Reporting Service (JRS) 6.0.6 could allow an authenticated user to access the execution log files as a guest user, and obtain the information of the server execution. IBM X-Force ID: 156243.
Credit: psirt@us.ibm.com psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Jazz Reporting Service | =6.0.6 | |
=6.0.6 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for IBM Jazz Reporting Service (JRS) 6.0.6 is CVE-2019-4047.
The severity of CVE-2019-4047 is medium, with a score of 4.3.
An authenticated user can exploit CVE-2019-4047 by accessing the execution log files as a guest user and obtaining server execution information.
Yes, a fix is available for CVE-2019-4047. Please refer to the IBM support documentation for more information.
You can find more information about CVE-2019-4047 on the following websites: SecurityFocus, IBM X-Force, and the IBM support documentation.