What is CVE-2018-1485?

CVE-2018-1485 is a low-severity vulnerability in Ibm Bigfix Platform. CVSS score: 3.1/10. Published 2018-12-12.

How severe is CVE-2018-1485?

Low severity. CVSS v3 base score is 3.1 out of 10.

Vulnerability in Ibm Bigfix Platform

CVE-2018-1485

IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does not renew a session variable after a successful authentication which could lead to session fixation/hijacking vulnerability. This could force a user to utilize a cookie th…

EPSS: 0.001 (29.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 3.1 (Low). Vector: CVSS:3.0/A:N/AC:H/AV:N/C:L/I:N/PR:L/S:U/UI:N/E:U/RC:C/RL:O.

Affected products

Ibm Bigfix Platform — versions 9.2.14, 9.5.9, 9.5.0

References

www.ibm.com/support/docview.wss (x_refsource_CONFIRM)
ibm-bigfix-cve20181485-info-disc(140970) (vdb-entry, x_refsource_XF)

Frequently asked questions

What is CVE-2018-1485?: CVE-2018-1485 is a low-severity vulnerability in Ibm Bigfix Platform. CVSS score: 3.1/10. Published 2018-12-12.
How severe is CVE-2018-1485?: Low severity. CVSS v3 base score is 3.1 out of 10.