VYPR
Unrated severity · NVD Advisory · Published Apr 2, 2019 · Updated Sep 17, 2024

CVE-2018-1623

Description

IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 144408.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 stores web pages locally, allowing another local user to read them, leading to information disclosure.

Vulnerability

IBM Security Privileged Identity Manager Virtual Appliance version 2.2.1 stores web pages locally on the system. A local user can read these stored web pages, potentially gaining access to sensitive information. The vulnerability is present in the default configuration and requires no special conditions beyond local file system access.

Exploitation

An attacker with local access to the system can read the stored web pages by navigating to the file system location where they are saved. No authentication or user interaction is required beyond having local user privileges on the appliance. The attacker does not need to be the same user that originally accessed the web pages.

Impact

Successful exploitation allows an attacker to read the contents of locally stored web pages, which may contain sensitive information such as session tokens, credentials, or other confidential data. This results in information disclosure, compromising the confidentiality of the system. No remote code execution or privilege escalation is achieved.

Mitigation

IBM has addressed this vulnerability in a security bulletin [1] that includes fixes for multiple issues. Users should apply the latest updates provided by IBM for the IBM Security Privileged Identity Manager Virtual Appliance. No workaround is documented in the available references. The fixed version is not explicitly stated in the provided text, but the bulletin indicates that the vulnerability is resolved.

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2

Patches

0

No patches discovered yet.

References

2
