CVE-2018-1639

Summary

The Report Builder of Jazz Reporting Service 5.0 through 5.0.2 and 6.0 through 6.0.6 could allow an authenticated user to obtain sensitive information beyond its assigned privileges. IBM X-Force ID: 144579.

Affected Software

VendorProductVersion RangeStatus
IBMJazz Reporting Service5.0affected
IBMJazz Reporting Service5.0.1affected
IBMJazz Reporting Service5.0.2affected
IBMJazz Reporting Service6.0affected
IBMJazz Reporting Service6.0.1affected
IBMJazz Reporting Service6.0.2affected
IBMJazz Reporting Service6.0.3affected
IBMJazz Reporting Service6.0.4affected
IBMJazz Reporting Service6.0.5affected
IBMJazz Reporting Service6.0.6affected

Weaknesses

  • Obtain Information

ADP Enrichment

CVE Program Container

Additional References

References