CVE-2018-1987

{"id": "CVE-2018-1987", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 1.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Secondary", "source": "psirt@us.ibm.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.1, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.4}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2019-08-02T14:15:13.990", "references": [{"url": "http://www.ibm.com/support/docview.wss?uid=ibm10883782", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/154280", "tags": ["VDB Entry", "Vendor Advisory"], "source": "psirt@us.ibm.com"}, {"url": "http://www.ibm.com/support/docview.wss?uid=ibm10883782", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/154280", "tags": ["VDB Entry", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-287"}]}], "descriptions": [{"lang": "en", "value": "IBM Spectrum Protect for Enterprise Resource Planning 7.1 and 8.1, if tracing is activated, the IBM Spectrum Protect node password may be displayed in plain text in the ERP trace file. IBM X-Force ID: 154280."}, {"lang": "es", "value": "Spectrum Protect de IBM para Enterprise Resource Planning versi\u00f3n 7.1 y 8.1, si el rastreo est\u00e1 activado, la contrase\u00f1a del nodo de IBM Spectrum Protect puede mostrarse en texto plano en el archivo de rastreo ERP. ID de IBM X-Force: 154280."}], "lastModified": "2024-11-21T04:00:42.123", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:data_protection:*:*:*:*:*:sap_for_db2:*:*", "vulnerable": true, "matchCriteriaId": "EFB4FCF9-7F81-4CED-B08C-4DF7D8D5D4CF", "versionEndIncluding": "7.1.3.1", "versionStartIncluding": "7.1.3.0"}, {"criteria": "cpe:2.3:a:ibm:data_protection:*:*:*:*:*:sap_for_oracle:*:*", "vulnerable": true, "matchCriteriaId": "45CA22F1-0F19-47A0-A8A0-413AC0F055A8", "versionEndIncluding": "7.1.3.1", "versionStartIncluding": "7.1.3.0"}, {"criteria": "cpe:2.3:a:ibm:data_protection:*:*:*:*:*:sap_hana:*:*", "vulnerable": true, "matchCriteriaId": "AA57DAF6-87D4-4D88-B449-978340B4A5FD", "versionEndIncluding": "7.1.3.1", "versionStartIncluding": "7.1.3.0"}, {"criteria": "cpe:2.3:a:ibm:data_protection:*:*:*:*:*:sap_for_db2:*:*", "vulnerable": true, "matchCriteriaId": "645EF2BE-2F15-4655-B2EA-4A8102137A41", "versionEndIncluding": "8.1.4.0", "versionStartIncluding": "8.1.0.0"}, {"criteria": "cpe:2.3:a:ibm:data_protection:*:*:*:*:*:sap_for_oracle:*:*", "vulnerable": true, "matchCriteriaId": "D9195032-5514-47FC-9E4A-E691C1EEC1E6", "versionEndIncluding": "8.1.4.0", "versionStartIncluding": "8.1.0.0"}, {"criteria": "cpe:2.3:a:ibm:data_protection:*:*:*:*:*:sap_hana:*:*", "vulnerable": true, "matchCriteriaId": "F5DC7082-39B0-4CA7-ABCA-AE40E834782F", "versionEndIncluding": "8.1.6.0", "versionStartIncluding": "8.1.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@us.ibm.com"}