CVE-2017-1396

Published: Aug 6, 2018Modified: Nov 21, 2024

8.1

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Exploitability: 2.8 / Impact: 5.2

Source: NVD

Description

IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 127342.

Affected (7)

Products: Ibm: Security Identity Governance And Intelligence

Ibm

1 product

Security Identity Governance And Intelligence

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Ibm Security Identity Governance And Intelligence	Version 5.2.1
Ibm Security Identity Governance And Intelligence	Version 5.2.2.1
Ibm Security Identity Governance And Intelligence	Version 5.2.2
Ibm Security Identity Governance And Intelligence	Version 5.2.3.1
Ibm Security Identity Governance And Intelligence	Version 5.2.3.2
Ibm Security Identity Governance And Intelligence	Version 5.2.3
Ibm Security Identity Governance And Intelligence	Version 5.2

Related CWEs

CWE-275

References (4)

http://www.ibm.com/support/docview.wss?uid=swg22016869

Source: psirt@us.ibm.com

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/127342

Source: psirt@us.ibm.com

VDB Entry

http://www.ibm.com/support/docview.wss?uid=swg22016869

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/127342

Source: af854a3a-2127-422b-91ae-364da2661108

VDB Entry

Timeline

No history available yet.