CVE-2017-1545

4 documents4 sources

Severity

6.8MEDIUM

EPSS

0.1%

top 79.96%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Engineering Requirements Management Doors IBM Rational Doors

Timeline

PublishedJan 26

Latest updateMay 13

Description

IBM Doors Web Access 9.5 and 9.6 could allow an attacker with physical access to the system to log into the application using previously stored credentials. IBM X-Force ID: 130914.

CVSS vector

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 0.9 | Impact: 5.9

Affected Packages2 packages

▶NVDibm/engineering_requirements_management_doors9.5.0.0 — 9.5.0.7+4

▶CVEListV5ibm/rational_doors42 versions+41

Patches

Patch: www.ibm.com ↗Patch: www.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-3v37-7hj4-mq66: IBM Doors Web Access 9↗2022-05-13

▶

CVEList

CVE-2017-1545: IBM Doors Web Access 9↗2018-01-26

▶

💬Community

Bugzilla

CVE-2017-15691 uima: XML external entity expansion (XXE) can allow attackers to execute arbitrary code↗2018-04-27

▶