CVE-2017-1257Sensitive Information Exposure in IBM Security Guardium

CWE-200Sensitive Information Exposure5 documents5 sources
Severity
4.3MEDIUMNVD
EPSS
0.2%
top 54.16%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Security Guardium
Timeline
PublishedDec 20
Latest updateMay 14

Description

IBM Security Guardium 10.0 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 124684.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5ibm/security_guardium5 versions+4
NVDibm/security_guardium5 versions+4

🔴Vulnerability Details

2
GHSA
GHSA-3cv6-g432-57c7: IBM Security Guardium 102022-05-14
CVEList
CVE-2017-1257: IBM Security Guardium 102017-12-20

💥Exploits & PoCs

1
Exploit-DB
VirtualBox 5.1.22 - Windows Process DLL Signature Bypass Privilege Escalation2017-08-03

💬Community

1
Bugzilla
CVE-2017-1000232 ldns: Memory corruption in ldns_str2rdf_long_str2017-11-08
CVE-2017-1257 — Sensitive Information Exposure in IBM | cvebase