3 matches found
Security Bulletin: Missing Secure HTTP Headers
Summary During internal penetration testing we identified that the IBM i2 Enterprise Insight Analysis application could be made more secure with the addition of some HTTP headers. Vulnerability Details CVEID: CVE-2018-1525 DESCRIPTION: IBM i2 Intelligent Analyis Platform could allow a remote...
CVE-2018-1505
IBM i2 Enterprise Insight Analysis 2.1.7 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 141413...
CVE-2018-1505
IBM i2 Enterprise Insight Analysis 2.1.7 is affected by an information disclosure vulnerability where web pages can be stored locally and read by another user on the same system. The IBM bulletin indicates remediation by upgrading to the 2.2.0 release (updates include added secure headers; applie...