IBM StoredIQ has addressed the following vulnerability that could allow an authenticated attacker to bypass certain security restrictions.
CVEID: CVE-2018-1583**
DESCRIPTION:** IBM StoredIQ could allow an authenticated attacker to bypass certain security restrictions. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to access and manipulate documents on StoredIQ managed data sources.
CVSS Base Score: 5.4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/143331 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N)
Affected IBM StoredIQ
|
Affected Version
—|—
IBM StoredIQ| 7.6.0
Product
| VRM|Remediation
—|—|—
IBM StoredIQ| 7.6.0| Upgrade to latest Fix Pack StoredIQ 7.6.0.15 and apply Interim Fix 7.6.0.15-IBMStoredIQ-IF001 that is available from Fix Central
None