Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2017-1130

4 documents4 sources
Severity
6.5MEDIUM
EPSS
65.5%
top 1.51%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
IBM NotesIBM Inotes
Timeline
PublishedSep 5
Latest updateMay 13

Description

IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it would open up many file select dialog boxes which would cause the client hang and have to be restarted. IBM X-Force ID: 121371.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5ibm/notes5 versions+4
NVDibm/inotes14 versions+13

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-g5fp-9f6p-pwwr: IBM Notes 82022-05-13
CVEList
CVE-2017-1130: IBM Notes 82017-09-05

💥Exploits & PoCs

1
Exploit-DB
IBM Notes 8.5.x/9.0.x - Denial of Service (2)2017-08-31
CVE-2017-1130 (MEDIUM CVSS 6.5) | IBM Notes 8.5 and 9.0 is vulnerable | cvebase.io