Skip to main content

Inotes CVE-2017-1214

MEDIUM
Information Exposure (CWE-200)
2017-06-12 psirt@us.ibm.com
5.7
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
5.7 MEDIUM
AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Jun 12, 2017 - 19:29 cve.org
MEDIUM 5.7

DescriptionCVE.org

IBM iNotes 8.5 and 9.0 could allow a remote attacker to send a malformed email to a victim, that when opened could cause an information disclosure. IBM X-Force ID: 123854.

AnalysisAI

IBM iNotes 8.5 and 9.0 could allow a remote attacker to send a malformed email to a victim, that when opened could cause an information disclosure. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Technical ContextAI

This vulnerability is classified as Exposure of Sensitive Information (CWE-200), which allows attackers to access sensitive data that should not be disclosed. IBM iNotes 8.5 and 9.0 could allow a remote attacker to send a malformed email to a victim, that when opened could cause an information disclosure. IBM X-Force ID: 123854. Affected products include: Ibm Inotes.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Minimize information in error messages, implement proper access controls, encrypt sensitive data at rest and in transit.

More in Inotes

View all
CVE-2017-1129 MEDIUM POC
6.5 Sep 05

IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remo

CVE-2017-1130 MEDIUM POC
6.5 Sep 05

IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remo

CVE-2017-1325 MEDIUM
6.1 May 26

IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is re

CVE-2017-1421 MEDIUM
6.1 Dec 13

IBM iNotes is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely explo

CVE-2016-5883 MEDIUM
6.1 Feb 23

IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is re

CVE-2017-1327 MEDIUM
6.1 Aug 03

IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is re

CVE-2017-1332 MEDIUM
6.1 Jul 31

IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is re

CVE-2016-5881 MEDIUM
6.1 Feb 01

IBM iNotes is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely explo

CVE-2016-6113 MEDIUM
6.1 Feb 01

IBM Verse is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploi

CVE-2016-5884 MEDIUM
6.1 Feb 01

IBM iNotes is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely explo

CVE-2016-5882 MEDIUM
6.1 Feb 01

IBM iNotes is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely explo

CVE-2016-2939 MEDIUM
6.1 Feb 01

IBM iNotes is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely explo

Share

CVE-2017-1214 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy