CVE-2017-1370

2017-07-3121:00:00

ibm

www.cve.org

AI Score

4.9

Confidence

High

EPSS

0.001

Percentile

31.6%

JSON

IBM Jazz Reporting Service (JRS) 5.0 and 6.0 could disclose sensitive information, including user credentials, through an error message from the Report Builder administrator configuration page. IBM X-Force ID: 126863.

CNA Affected

[
  {
    "product": "Jazz Reporting Service",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "5.0"
      },
      {
        "status": "affected",
        "version": "5.0.1"
      },
      {
        "status": "affected",
        "version": "5.0.2"
      },
      {
        "status": "affected",
        "version": "6.0"
      },
      {
        "status": "affected",
        "version": "6.0.1"
      },
      {
        "status": "affected",
        "version": "6.0.2"
      },
      {
        "status": "affected",
        "version": "6.0.3"
      },
      {
        "status": "affected",
        "version": "6.0.4"
      }
    ]
  }
]