Information Disclosure Vulnerability in IBM Curam Social Program Management (SPM)

CVE-2014-4843 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Curam Universal Access in IBM Curam Social Program Management (SPM) 6.0 SP2 before EP26, 6.0.4 before 6.0.4.6, and 6.0.5 before 6.0.5.5 iFix5 allows remote attackers to obtain sensitive information about internal caseworker usernames via vectors related to a URL.

Learn more about our Cis Benchmark Audit For Ibm I.