CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-1843

The Identity and Access Management (IAM) services (IBM Cloud Private 3.1.0) do not use a secure channel, such as SSL, to exchange information only when accessed internally from within the cluster. It could be possible for an attacker with access to network traffic to sniff packets from the connection and uncover data. IBM X-Force ID: 150903

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 14.3%

CVSS Severity

CVSS v3 Score 4.1

CVSS v2 Score 1.9

References

http://www.ibm.com/support/docview.wss?uid=ibm10739845
https://exchange.xforce.ibmcloud.com/vulnerabilities/150903
http://www.ibm.com/support/docview.wss?uid=ibm10739845
https://exchange.xforce.ibmcloud.com/vulnerabilities/150903

Products affected by CVE-2018-1843

Ibm » Cloud Private » Version: 3.1.0

cpe:2.3:a:ibm:cloud_private:3.1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-1843

Products

Pricing

Contact Us