CVE-2014-4781

Published: Feb 13, 2015Modified: May 6, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The alert module in IBM InfoSphere BigInsights 2.1.2 and 3.x before 3.0.0.2 allows remote attackers to obtain sensitive Alert management-services API information via a network-tracing attack.

Affected (3)

Products: Ibm: Infosphere Biginsights

Ibm

1 product

Infosphere Biginsights

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Ibm Infosphere Biginsights	Version 2.1.2.0
Ibm Infosphere Biginsights	Version 3.0.0.0
Ibm Infosphere Biginsights	Version 3.0.0.1

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

http://www-01.ibm.com/support/docview.wss?uid=swg21693053

Source: psirt@us.ibm.com

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/95028

Source: psirt@us.ibm.com

http://www-01.ibm.com/support/docview.wss?uid=swg21693053

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/95028

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.