CVE-2017-1214Sensitive Information Exposure in IBM Inotes

CWE-200Sensitive Information Exposure4 documents4 sources
Severity
5.7MEDIUMNVD
EPSS
0.4%
top 42.03%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Inotes
Timeline
PublishedJun 12
Latest updateMay 17

Description

IBM iNotes 8.5 and 9.0 could allow a remote attacker to send a malformed email to a victim, that when opened could cause an information disclosure. IBM X-Force ID: 123854.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:NExploitability: 2.1 | Impact: 3.6

Affected Packages2 packages

CVEListV5ibm/inotes14 versions+13
NVDibm/inotes27 versions+26

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-r833-9vv5-fhp3: IBM iNotes 82022-05-17
CVEList
CVE-2017-1214: IBM iNotes 82017-06-12

💥Exploits & PoCs

1
Exploit-DB
Microsoft Windows - 'nt!NtQueryInformationWorkerFactory (WorkerFactoryBasicInformation)' Kernel Stack Memory Disclosure2017-06-23
CVE-2017-1214 — Sensitive Information Exposure in IBM | cvebase