CVE-2017-1119

Опубликовано: 09 нояб. 2018

Источник: nvd

CVSS3: 4.3

CVSS2: 4

EPSS Низкий

Описание

IBM Marketing Operations 9.1.0, 9.1.2, and 10.1 could allow a remote attacker to obtain sensitive information. An attacker could send a specially-crafted request to cause an error message to be returned containing the full root path. An attacker could use this information to launch further attacks against the affected system. IBM X-Force ID: 121171.

Ссылки

http://www.ibm.com/support/docview.wss?uid=ibm10738519
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/121171
VDB Entry
Vendor Advisory
http://www.ibm.com/support/docview.wss?uid=ibm10738519
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/121171
VDB Entry
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:marketing_operations:*:*:*:*:*:*:*:*

Версия от 9.1.0.0 (включая) до 9.1.0.12 (включая)

cpe:2.3:a:ibm:marketing_operations:*:*:*:*:*:*:*:*

Версия от 9.1.2.0 (включая) до 9.1.2.7 (включая)

cpe:2.3:a:ibm:marketing_operations:10.1:*:*:*:*:*:*:*

EPSS

Процентиль: 27%

0.00094

Низкий

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-cxx5-8m2m-qxff