Vulnerability Details CVE-2018-1756
IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, information in the back-end database. IBM X-Force ID: 148599.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.271
EPSS Ranking 96.1%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- http://www.ibm.com/support/docview.wss?uid=ibm10728883
- https://exchange.xforce.ibmcloud.com/vulnerabilities/148599
- https://www.exploit-db.com/exploits/45392/
- http://www.ibm.com/support/docview.wss?uid=ibm10728883
- https://exchange.xforce.ibmcloud.com/vulnerabilities/148599
- https://www.exploit-db.com/exploits/45392/
Products affected by CVE-2018-1756
-
cpe:2.3:a:ibm:security_identity_governance_and_intelligence:5.2.3.2
-
cpe:2.3:a:ibm:security_identity_governance_and_intelligence:5.2.4