CVE-2018-1587

MEDIUM

IBM Rational Rhapsody/Design Manager 5.0-5.0.2/6.0-6.0.5 Info Disclosure via Error Messages

Title source: llm
STIX 2.1

Description

IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.1 could reveal technical error messages to allow an adversary to gain information about the application and database that could be used to conduct further attacks. IBM X-Force ID: 143500.

References (2)

Core 2
Core References
VDB Entry, Vendor Advisory vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/143500
Patch, Vendor Advisory x_refsource_confirm
http://www.ibm.com/support/docview.wss?uid=ibm10716029

Scores

CVSS v3 4.3
EPSS 0.0098
EPSS Percentile 58.0%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Details

CWE
CWE-200
Status published
Products (2)
ibm/rational_rhapsody_design_manager 5.0 - 5.0.2
ibm/rational_software_architect_design_manager 5.0 - 5.0.2
Published Jul 19, 2018
Tracked Since Feb 18, 2026