Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2018-1928

IBM StoredIQ 7.6.0 does not implement proper authorization of user roles due to which it was possible for a low privileged user to access the application endpoints of high privileged users and also perform some state changing actions restricted to a high privileged user. IBM X-Force ID: 153119.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 13.5%
CVSS Severity
CVSS v3 Score 6.7
CVSS v2 Score 2.1
Products affected by CVE-2018-1928
  • Ibm » Storediq » Version: 7.6.0.0
    cpe:2.3:a:ibm:storediq:7.6.0.0
  • Ibm » Storediq » Version: 7.6.0.1
    cpe:2.3:a:ibm:storediq:7.6.0.1
  • Ibm » Storediq » Version: 7.6.0.10
    cpe:2.3:a:ibm:storediq:7.6.0.10
  • Ibm » Storediq » Version: 7.6.0.11
    cpe:2.3:a:ibm:storediq:7.6.0.11
  • Ibm » Storediq » Version: 7.6.0.12
    cpe:2.3:a:ibm:storediq:7.6.0.12
  • Ibm » Storediq » Version: 7.6.0.13
    cpe:2.3:a:ibm:storediq:7.6.0.13
  • Ibm » Storediq » Version: 7.6.0.14
    cpe:2.3:a:ibm:storediq:7.6.0.14
  • Ibm » Storediq » Version: 7.6.0.15
    cpe:2.3:a:ibm:storediq:7.6.0.15
  • Ibm » Storediq » Version: 7.6.0.16
    cpe:2.3:a:ibm:storediq:7.6.0.16
  • Ibm » Storediq » Version: 7.6.0.2
    cpe:2.3:a:ibm:storediq:7.6.0.2
  • Ibm » Storediq » Version: 7.6.0.3
    cpe:2.3:a:ibm:storediq:7.6.0.3
  • Ibm » Storediq » Version: 7.6.0.4
    cpe:2.3:a:ibm:storediq:7.6.0.4
  • Ibm » Storediq » Version: 7.6.0.5
    cpe:2.3:a:ibm:storediq:7.6.0.5
  • Ibm » Storediq » Version: 7.6.0.6
    cpe:2.3:a:ibm:storediq:7.6.0.6
  • Ibm » Storediq » Version: 7.6.0.7
    cpe:2.3:a:ibm:storediq:7.6.0.7
  • Ibm » Storediq » Version: 7.6.0.8
    cpe:2.3:a:ibm:storediq:7.6.0.8
  • Ibm » Storediq » Version: 7.6.0.9
    cpe:2.3:a:ibm:storediq:7.6.0.9


Products
Pricing
Contact Us

Shodan ® - All rights reserved