{"containers": {"cna": {"affected": [{"product": "Spectrum Protect for Enterprise Resource Planning", "vendor": "IBM", "versions": [{"status": "affected", "version": "7.1"}, {"status": "affected", "version": "8.1"}]}], "datePublic": "2019-07-31T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "IBM Spectrum Protect for Enterprise Resource Planning 7.1 and 8.1, if tracing is activated, the IBM Spectrum Protect node password may be displayed in plain text in the ERP trace file. IBM X-Force ID: 154280."}], "metrics": [{"cvssV3_0": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "exploitCodeMaturity": "UNPROVEN", "integrityImpact": "NONE", "privilegesRequired": "NONE", "remediationLevel": "OFFICIAL_FIX", "reportConfidence": "CONFIRMED", "scope": "UNCHANGED", "temporalScore": 4.5, "temporalSeverity": "MEDIUM", "userInteraction": "NONE", "vectorString": "CVSS:3.0/PR:N/S:U/AC:H/I:N/AV:L/UI:N/C:H/A:N/E:U/RL:O/RC:C", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"description": "Obtain Information", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-08-02T14:10:12.000Z", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.ibm.com/support/docview.wss?uid=ibm10883782"}, {"name": "ibm-tivoli-cve20181987-info-disc (154280)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/154280"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@us.ibm.com", "DATE_PUBLIC": "2019-07-31T00:00:00", "ID": "CVE-2018-1987", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Spectrum Protect for Enterprise Resource Planning", "version": {"version_data": [{"version_value": "7.1"}, {"version_value": "8.1"}]}}]}, "vendor_name": "IBM"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "IBM Spectrum Protect for Enterprise Resource Planning 7.1 and 8.1, if tracing is activated, the IBM Spectrum Protect node password may be displayed in plain text in the ERP trace file. IBM X-Force ID: 154280."}]}, "impact": {"cvssv3": {"BM": {"A": "N", "AC": "H", "AV": "L", "C": "H", "I": "N", "PR": "N", "S": "U", "UI": "N"}, "TM": {"E": "U", "RC": "C", "RL": "O"}}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Obtain Information"}]}]}, "references": {"reference_data": [{"name": "http://www.ibm.com/support/docview.wss?uid=ibm10883782", "refsource": "CONFIRM", "title": "IBM Security Bulletin 883782 (Spectrum Protect for Enterprise Resource Planning)", "url": "http://www.ibm.com/support/docview.wss?uid=ibm10883782"}, {"name": "ibm-tivoli-cve20181987-info-disc (154280)", "refsource": "XF", "title": "X-Force Vulnerability Report", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/154280"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T04:14:39.557Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.ibm.com/support/docview.wss?uid=ibm10883782"}, {"name": "ibm-tivoli-cve20181987-info-disc (154280)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/154280"}]}]}, "cveMetadata": {"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2018-1987", "datePublished": "2019-08-02T14:10:12.747Z", "dateReserved": "2017-12-13T00:00:00.000Z", "dateUpdated": "2024-09-17T02:52:22.207Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:data_protection:*:*:*:*:*:sap_for_db2:*:*", "matchCriteriaId": "EFB4FCF9-7F81-4CED-B08C-4DF7D8D5D4CF", "versionEndIncluding": "7.1.3.1", "versionStartIncluding": "7.1.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:data_protection:*:*:*:*:*:sap_for_oracle:*:*", "matchCriteriaId": "45CA22F1-0F19-47A0-A8A0-413AC0F055A8", "versionEndIncluding": "7.1.3.1", "versionStartIncluding": "7.1.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:data_protection:*:*:*:*:*:sap_hana:*:*", "matchCriteriaId": "AA57DAF6-87D4-4D88-B449-978340B4A5FD", "versionEndIncluding": "7.1.3.1", "versionStartIncluding": "7.1.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:data_protection:*:*:*:*:*:sap_for_db2:*:*", "matchCriteriaId": "645EF2BE-2F15-4655-B2EA-4A8102137A41", "versionEndIncluding": "8.1.4.0", "versionStartIncluding": "8.1.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:data_protection:*:*:*:*:*:sap_for_oracle:*:*", "matchCriteriaId": "D9195032-5514-47FC-9E4A-E691C1EEC1E6", "versionEndIncluding": "8.1.4.0", "versionStartIncluding": "8.1.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:data_protection:*:*:*:*:*:sap_hana:*:*", "matchCriteriaId": "F5DC7082-39B0-4CA7-ABCA-AE40E834782F", "versionEndIncluding": "8.1.6.0", "versionStartIncluding": "8.1.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "IBM Spectrum Protect for Enterprise Resource Planning 7.1 and 8.1, if tracing is activated, the IBM Spectrum Protect node password may be displayed in plain text in the ERP trace file. IBM X-Force ID: 154280."}, {"lang": "es", "value": "Spectrum Protect de IBM para Enterprise Resource Planning versi\u00f3n 7.1 y 8.1, si el rastreo est\u00e1 activado, la contrase\u00f1a del nodo de IBM Spectrum Protect puede mostrarse en texto plano en el archivo de rastreo ERP. ID de IBM X-Force: 154280."}], "id": "CVE-2018-1987", "lastModified": "2024-11-21T04:00:42.123", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.9, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 1.4, "impactScore": 3.6, "source": "psirt@us.ibm.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-08-02T14:15:13.990", "references": [{"source": "psirt@us.ibm.com", "tags": ["Vendor Advisory"], "url": "http://www.ibm.com/support/docview.wss?uid=ibm10883782"}, {"source": "psirt@us.ibm.com", "tags": ["VDB Entry", "Vendor Advisory"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/154280"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.ibm.com/support/docview.wss?uid=ibm10883782"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["VDB Entry", "Vendor Advisory"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/154280"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}