CVE-2017-1231

CWE-522Insufficiently Protected Credentials3 documents3 sources
Severity
7.8HIGH
EPSS
0.0%
top 91.91%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Bigfix Platform
Timeline
PublishedOct 12
Latest updateMay 13

Description

IBM BigFix Platform 9.5 - 9.5.9 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 123910.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 0.8 | Impact: 3.6

Affected Packages2 packages

NVDibm/bigfix_platform9.59.5.9
CVEListV5ibm/bigfix_platform10 versions+9

🔴Vulnerability Details

2
GHSA
GHSA-qqwq-5j23-4r5c: IBM BigFix Platform 92022-05-13
CVEList
CVE-2017-1231: IBM BigFix Platform 92018-10-12
CVE-2017-1231 (HIGH CVSS 7.8) | IBM BigFix Platform 9.5 - 9.5.9 sto | cvebase.io