nvd-json-data-feeds/CVE-2018/CVE-2018-15xx/CVE-2018-1587.json

{
  "id": "CVE-2018-1587",
  "sourceIdentifier": "psirt@us.ibm.com",
  "published": "2018-07-19T14:29:00.510",
  "lastModified": "2019-10-09T23:38:41.947",
  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.1 could reveal technical error messages to allow an adversary to gain information about the application and database that could be used to conduct further attacks. IBM X-Force ID: 143500."
    },
    {
      "lang": "es",
      "value": "IBM Rational Rhapsody Design Manager desde la versi\u00f3n 5.0 hasta la 5.0.2 y desde la versi\u00f3n 6.0 hasta la 6.0.5 y IBM Rational Software Architect Design Manager desde la versi\u00f3n 5.0 hasta la 5.0.2 y desde la versi\u00f3n 6.0 hasta la 6.0.1 podr\u00edan revelar mensajes de error t\u00e9cnico para permitir que un adversario obtenga informaci\u00f3n sobre la aplicaci\u00f3n y la base de datos que pueda emplearse para llevar a cabo m\u00e1s ataques. IBM X-Force ID: 143500."
    }
  ],
  "metrics": {
    "cvssMetricV30": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.0",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4
      },
      {
        "source": "psirt@us.ibm.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.0",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "SINGLE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.0
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "5.0",
              "versionEndIncluding": "5.0.2",
              "matchCriteriaId": "B07DA35D-2527-4DE8-97F1-9FC1C48255EE"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:rational_rhapsody_design_manager:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "6.0",
              "versionEndIncluding": "6.0.5",
              "matchCriteriaId": "1B2601D1-4D55-4B4A-9CED-CF736270E63F"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "5.0",
              "versionEndIncluding": "5.0.2",
              "matchCriteriaId": "1113669B-B338-4ABD-9A34-B57880020C84"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:rational_software_architect_design_manager:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "6.0",
              "versionEndIncluding": "6.0.1",
              "matchCriteriaId": "A237ED01-A834-46B3-9396-6BA0EFF2B27A"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://www.ibm.com/support/docview.wss?uid=ibm10716029",
      "source": "psirt@us.ibm.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ]
    },
    {
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/143500",
      "source": "psirt@us.ibm.com",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ]
    }
  ]
}