CVE-2018-1492

MEDIUM

IBM Jazz Foundation - Privilege Escalation

Title source: llm

Description

IBM Jazz Foundation products could allow a user with physical access to the system to log in as another user due to the server's failure to properly log out from the previous session. IBM X-Force ID: 140977.

References (2)

Core 2

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/140977

Vendor Advisory x_refsource_confirm

http://www.ibm.com/support/docview.wss?uid=ibm10716599

Scores

CVSS v3 4.3

EPSS 0.0037

EPSS Percentile 28.2%

Attack Vector PHYSICAL

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Details

CWE

CWE-384

Status published

Products (7)

ibm/rational_collaborative_lifecycle_management 5.0 - 6.0.5

ibm/rational_doors_next_generation 5.0 - 5.0.2

ibm/rational_engineering_lifecycle_manager 5.0 - 5.0.2

ibm/rational_quality_manager 5.0 - 5.0.2

ibm/rational_rhapsody_design_manager 5.0 - 5.0.2

ibm/rational_software_architect_design_manager 5.0 - 5.0.2

ibm/rational_team_concert 5.0 - 5.0.2

Published Jul 10, 2018

Tracked Since Feb 18, 2026