CVE-2017-1107

Published: Jun 19, 2019Modified: Nov 21, 2024

4.3

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Exploitability: 2.8 / Impact: 1.4

Source: NVD

Description

IBM Marketing Platform 9.1.0, 9.1.2, 10.0, and 10.1 exposes sensitive information in the headers that could be used by an authenticated attacker in further attacks against the system. IBM X-Force ID: 120906.

Affected (4)

Products: Ibm: Marketing Platform

Ibm

1 product

Marketing Platform

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Ibm Marketing Platform	Version 10.0
Ibm Marketing Platform	Version 10.1
Ibm Marketing Platform	Version 9.1.0.0
Ibm Marketing Platform	Version 9.1.2

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (6)

http://www.securityfocus.com/bid/108918

Source: psirt@us.ibm.com

Broken LinkThird Party AdvisoryVDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/120906

Source: psirt@us.ibm.com

VDB EntryVendor Advisory

https://www.ibm.com/support/docview.wss?uid=ibm10887815

Source: psirt@us.ibm.com

Broken LinkPatchVendor Advisory

http://www.securityfocus.com/bid/108918

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkThird Party AdvisoryVDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/120906

Source: af854a3a-2127-422b-91ae-364da2661108

VDB EntryVendor Advisory

https://www.ibm.com/support/docview.wss?uid=ibm10887815

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkPatchVendor Advisory

Timeline

No history available yet.