CVE-2018-1481

Summary

IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 140763.

Affected Software

VendorProductVersion RangeStatus
IBMBigFix Platform9.5.9affected
IBMBigFix Platform9.2.0affected
IBMBigFix Platform9.2.14affected
IBMBigFix Platform9.5.0affected

Weaknesses

  • Obtain Information

ADP Enrichment

CVE Program Container

Additional References

References