Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2017-1129

6 documents4 sources
Severity
6.5MEDIUM
EPSS
68.5%
top 1.38%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
4
IBM Lotus ExpeditorIBM NotesIBM Expeditor+1 more
Timeline
PublishedSep 5
Latest updateMay 13

Description

IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it could cause the Notes client to hang and have to be restarted. IBM X-Force ID: 121370.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages4 packages

CVEListV5ibm/notes5 versions+4
NVDibm/inotes14 versions+13
NVDibm/expeditor6.2.1, 6.2.2, 6.2.3+2
CVEListV5ibm/lotus_expeditor6.2.1, 6.2.2, 6.2.3+2

Patches

Patch: www.ibm.comPatch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-86hv-3x2f-j4q8: IBM Notes 82022-05-13
CVEList
CVE-2017-1129: IBM Notes 82017-09-05

💥Exploits & PoCs

3
Exploit-DB
IBM Notes 8.5.x/9.0.x - Denial of Service2017-09-02
Exploit-DB
IBM Notes 8.5.x/9.0.x - Denial of Service (Metasploit)2017-08-31
Exploit-DB
Apple macOS/iOS Kernel 10.12.3 (16D32) - Double-Free Due to Bad Locking in fsevents Device2017-04-04
CVE-2017-1129 (MEDIUM CVSS 6.5) | IBM Notes 8.5 and 9.0 is vulnerable | cvebase.io