CVE-2018-1437

CWE-4263 documents3 sources
Severity
7.8HIGH
EPSS
0.3%
top 51.54%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Notes
Timeline
PublishedMar 14
Latest updateMay 13

Description

IBM Notes 8.5 and 9.0 could allow an attacker to execute arbitrary code on the system, caused by an error related to multiple untrusted search path. A local attacker could exploit this vulnerability to DLL hijacking to execute arbitrary code on the system or cause the application to crash. IBM X-Force ID: 139565.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5ibm/notes11 versions+10
NVDibm/notes11 versions+10

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-x3h5-3jh8-247m: IBM Notes 82022-05-13
CVEList
CVE-2018-1437: IBM Notes 82018-03-14
CVE-2018-1437 (HIGH CVSS 7.8) | IBM Notes 8.5 and 9.0 could allow a | cvebase.io