CVE-2017-1211
low-risk
Published 2017-10-24
IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0.2 could disclose sensitive information to a local user when logging is enabled. IBM X-Force ID: 123851.
Do I need to act?
-
0.04% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
2
CVSS 2.5/10
Low
LOCAL
/ HIGH complexity
Affected Products (10)
Daeja Viewone
Daeja Viewone
Daeja Viewone
Daeja Viewone
Daeja Viewone
Daeja Viewone
Daeja Viewone
Daeja Viewone
Daeja Viewone
Daeja Viewone
Affected Vendors
References (6)
Issue Tracking
http://www.ibm.com/support/docview.wss?uid=swg22008011
Third Party Advisory
http://www.securityfocus.com/bid/101526
Issue Tracking
https://exchange.xforce.ibmcloud.com/vulnerabilities/123851
Issue Tracking
http://www.ibm.com/support/docview.wss?uid=swg22008011
Third Party Advisory
http://www.securityfocus.com/bid/101526
Issue Tracking
https://exchange.xforce.ibmcloud.com/vulnerabilities/123851
22
/ 100
low-risk
Severity
6/34 · Minimal
Exploitability
0/34 · Minimal
Exposure
16/34 · Moderate