CVE-2017-1794

CWE-400Uncontrolled Resource Consumption3 documents3 sources
Severity
7.5HIGH
EPSS
0.4%
top 40.18%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Tivoli Monitoring
Timeline
PublishedSep 19
Latest updateMay 13

Description

IBM Tivoli Monitoring 6.2.3 through 6.2.3.5 and 6.3.0 through 6.3.0.7 are vulnerable to both TEPS user privilege escalation and possible denial of service due to unconstrained memory growth. IBM X-Force ID: 137039.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.6 | Impact: 5.9

Affected Packages2 packages

NVDibm/tivoli_monitoring6.2.36.2.3.5+1
CVEListV5ibm/tivoli_monitoring14 versions+13

🔴Vulnerability Details

2
GHSA
GHSA-gr52-8x59-f3fp: IBM Tivoli Monitoring 62022-05-13
CVEList
CVE-2017-1794: IBM Tivoli Monitoring 62018-09-19
CVE-2017-1794 (HIGH CVSS 7.5) | IBM Tivoli Monitoring 6.2.3 through | cvebase.io