CVE-2017-1720

CWE-77Command Injection3 documents3 sources
Severity
5.3MEDIUM
EPSS
0.2%
top 58.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Client Application AccessIBM Notes
Timeline
PublishedFeb 13
Latest updateMay 14

Description

IBM Notes 8.5 and 9.0 could allow a local attacker to execute arbitrary commands by carefully crafting a command line sent via the shared memory IPC. IBM X-Force ID: 134807.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:LExploitability: 1.8 | Impact: 3.4

Affected Packages4 packages

CVEListV5ibm/notes5 versions+4
NVDibm/notes6 versions+5
CVEListV5ibm/client_application_access1.0.0.1, 1.0.1, 1.0.1.2+2
NVDibm/client_application_access1.0.1.0, 1.0.1.1, 1.0.1.2+2

Patches

Patch: www.ibm.comPatch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-5fhf-9php-ghhj: IBM Notes 82022-05-14
CVEList
CVE-2017-1720: IBM Notes 82018-02-13
CVE-2017-1720 (MEDIUM CVSS 5.3) | IBM Notes 8.5 and 9.0 could allow a | cvebase.io