Information disclosure in Ibm Infosphere_biginsights

CVE-2014-4781

The alert module in IBM InfoSphere BigInsights 2.1.2 and 3.x before 3.0.0.2 allows remote attackers to obtain sensitive Alert management-services API information via a network-tracing attack.

Vulnerability class: Information Disclosure

EPSS: 0.012 (63.4th percentile) — read the EPSS interpretation.

Affected products

Ibm Infosphere_biginsights — versions 2.1.2.0, 3.0.0.0, 3.0.0.1
N/a — versions n/a

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

psirt@us.ibm.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
psirt@us.ibm.com (vdb-entry, x_refsource_XF)