There is a vulnerability in IBM® Cloud App Management V2018. IBM Cloud App Management V2018 could allow an attacker to obtain sensitive configuration information using a specially crafted HTTP request. IBM® Cloud App Management has addressed the applicable CVE in a later version.
CVEID: CVE-2018-1990 DESCRIPTION: IBM Cloud App Management V2018 could allow an attacker to obtain sensitive configuration information using a specially crafted HTTP request.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/154283> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
IBM Cloud App Management V2018.2.0
IBM Cloud App Management V2018.4.0
IBM Cloud App Management V2018.4.1
Install IBM Cloud App Management V2019.2.0 to address these security vulnerabilities. IBM Cloud App Management V2019.2.0 is available on IBM Passport Advantage.
None