CVE-2018-1587
MEDIUMIBM Rational Rhapsody/Design Manager 5.0-5.0.2/6.0-6.0.5 Info Disclosure via Error Messages
Title source: llmDescription
IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.1 could reveal technical error messages to allow an adversary to gain information about the application and database that could be used to conduct further attacks. IBM X-Force ID: 143500.
References (2)
Core 2
Core References
VDB Entry, Vendor Advisory vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/143500
Patch, Vendor Advisory x_refsource_confirm
http://www.ibm.com/support/docview.wss?uid=ibm10716029
Scores
CVSS v3
4.3
EPSS
0.0098
EPSS Percentile
58.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Details
CWE
CWE-200
Status
published
Products (2)
ibm/rational_rhapsody_design_manager
5.0 - 5.0.2
ibm/rational_software_architect_design_manager
5.0 - 5.0.2
Published
Jul 19, 2018
Tracked Since
Feb 18, 2026