CVE-2017-5504

Отчет

Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-125: Out-of-bounds Read vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low. The use of baseline configurations, change control, and configuration settings within the platform enforces secure system configurations, patch management, and proper runtime settings, which helps prevent the introduction of memory handling issues through insecure defaults, unpatched components, and misconfigurations. Specifically, the use of process isolation and memory protection ensures memory integrity by isolating processes and enforcing memory protection mechanisms that limit an attacker's ability to exploit or read memory. System monitoring controls provide an additional layer of protection in the detection of anomalous behavior and unauthorized memory-related access.