CVE-2017-9369

Опубликовано: 14 нояб. 2017

Источник: nvd

CVSS3: 4.9

CVSS3: 3.8

CVSS2: 4

EPSS Низкий

Описание

In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 SP1 and earlier, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout of higher privileged processes by manipulating environment variables that influence the loader.

Ссылки

http://support.blackberry.com/kb/articleDetail?articleNumber=000046674
Mitigation
Vendor Advisory
http://support.blackberry.com/kb/articleDetail?articleNumber=000046674
Mitigation
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:blackberry:qnx_software_development_platform:6.5.0:*:*:*:*:*:*:*

cpe:2.3:a:blackberry:qnx_software_development_platform:6.5.0:sp1:*:*:*:*:*:*

cpe:2.3:a:blackberry:qnx_software_development_platform:6.6.0:*:*:*:*:*:*:*

EPSS

Процентиль: 47%

0.0024

Низкий

4.9 Medium

CVSS3

3.8 Low

CVSS3

4 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-w6h6-4w93-vgvw

CVSS3: 4.9

github

больше 3 лет назад

EPSS

Процентиль: 47%

0.0024

Низкий

4.9 Medium

CVSS3

3.8 Low

CVSS3

4 Medium

CVSS2

Дефекты

CWE-200