CVE-2017-1232

Опубликовано: 26 окт. 2017

Источник: nvd

CVSS3: 5.9

CVSS2: 4.3

EPSS Низкий

Описание

IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. IBM X-Force ID: 123911.

Ссылки

http://www.ibm.com/support/docview.wss?uid=swg22009673
Patch
Vendor Advisory
http://www.securityfocus.com/bid/101571
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/123911
VDB Entry
Vendor Advisory
http://www.ibm.com/support/docview.wss?uid=swg22009673
Patch
Vendor Advisory
http://www.securityfocus.com/bid/101571
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/123911
VDB Entry
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:bigfix_platform:9.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:bigfix_platform:9.5:*:*:*:*:*:*:*

EPSS

Процентиль: 34%

0.00137

Низкий

5.9 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-319

Связанные уязвимости

GHSA-hx93-rrxp-mmvq