CVE-2017-1116

CWE-200Information Exposure4 documents4 sources
Severity
4.3MEDIUM
EPSS
0.2%
top 56.25%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Campaign
Timeline
PublishedApr 27
Latest updateMay 14

Description

IBM Campaign 8.6, 9.0, 9.1, 9.1.1, 9.1.2, and 10.0 contains excessive details on the client side which could provide information useful for an authenticated user to conduct other attacks. IBM X-Force ID: 121154.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5ibm/campaign6 versions+5
NVDibm/campaign6 versions+5

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-26j2-cp35-2r7f: IBM Campaign 82022-05-14
CVEList
CVE-2017-1116: IBM Campaign 82018-04-27

💥Exploits & PoCs

1
Exploit-DB
Apple macOS/iOS Kernel 10.12.3 (16D32) - Bad Locking in necp_open Use-After-Free2017-04-04
CVE-2017-1116 (MEDIUM CVSS 4.3) | IBM Campaign 8.6 | cvebase.io