CVE-2018-1928

Summary

IBM StoredIQ 7.6.0 does not implement proper authorization of user roles due to which it was possible for a low privileged user to access the application endpoints of high privileged users and also perform some state changing actions restricted to a high privileged user. IBM X-Force ID: 153119.

Affected Software

VendorProductVersion RangeStatus
IBMStoredIQ7.6.0affected

Weaknesses

  • Gain Privileges

ADP Enrichment

CVE Program Container

Additional References

References