CVE-2017-1308

Published: Jul 13, 2017Modified: May 13, 2026

6.5

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0 could allow an authenticated attacker to download files they should not have access to due to improper access controls. IBM X-Force ID: 125462.

Affected (7)

Products: Ibm: Daeja Viewone

1 product

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Ibm Daeja Viewone	Version 4.1.5.1
Ibm Daeja Viewone	Version 4.1.5.1
Ibm Daeja Viewone	Version 4.1.5.1
Ibm Daeja Viewone	Version 4.1.5
Ibm Daeja Viewone	Version 4.1.5
Ibm Daeja Viewone	Version 4.1.5
Ibm Daeja Viewone	Version 5.0

Related CWEs

Files or Directories Accessible to External Parties

The product makes files or directories accessible to unauthorized actors, even though they should not be.

References (6)

http://www.ibm.com/support/docview.wss?uid=swg22003806

Source: psirt@us.ibm.com

PatchVendor Advisory

http://www.securityfocus.com/bid/99549

Source: psirt@us.ibm.com

Third Party AdvisoryVDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/125462

Source: psirt@us.ibm.com

VDB EntryVendor Advisory

http://www.ibm.com/support/docview.wss?uid=swg22003806

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/99549

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/125462

Source: af854a3a-2127-422b-91ae-364da2661108

VDB EntryVendor Advisory

Timeline

No history available yet.