CVE-2018-1366 — IBM Content Navigator vulnerability

3 documents3 sources

Severity

7.8HIGHNVD

EPSS

0.2%

top 62.47%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Content Navigator

Timeline

PublishedFeb 7

Latest updateMay 13

Description

IBM Content Navigator 2.0 and 3.0 is vulnerable to Comma Separated Value (CSV) Injection. An attacker could exploit this vulnerability to exploit other vulnerabilities in spreadsheet software. IBM X-Force ID: 137452.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5ibm/content_navigator6 versions+5

▶NVDibm/content_navigator6 versions+5

Patches

Patch: www.ibm.com ↗Patch: www.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-3h2q-4qw3-2f5h: IBM Content Navigator 2↗2022-05-13

▶

CVEList

CVE-2018-1366: IBM Content Navigator 2↗2018-02-07

▶