IBM InfoSphere IGC Multiple Vulnerabilities

high Nessus Plugin ID 110416

Synopsis

IBM InfoSphere IGC requires a security update

Description

The version of IBM InfoSphere Information Governance Catalog installed is less than 11.3.1.2 / 11.7.0.1 or 11.5.x.x and is therefore affected by multiple vulnerabilities.

Solution

Refer to vendor advisory.

See Also

http://www-01.ibm.com/support/docview.wss?uid=swg22015222

http://www-01.ibm.com/support/docview.wss?uid=swg22014911

http://www-01.ibm.com/support/docview.wss?uid=swg22005503

Plugin Details

Severity: High

ID: 110416

File Name: ibm_igc_jun_2018.nasl

Version: 1.6

Type: remote

Family: CGI abuses

Published: 6/8/2018

Updated: 11/4/2019

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2017-1350

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:ibm:infosphere_information_governance_catalog

Required KB Items: installed_sw/IBM IGC

Exploit Ease: No known exploits are available

Patch Publication Date: 6/8/2018

Vulnerability Publication Date: 6/8/2018

Reference Information

CVE: CVE-2017-1350, CVE-2018-1432, CVE-2018-1454