CVE-2018-17871

Published: Oct 4, 2018Modified: Nov 21, 2024

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

Verba Collaboration Compliance and Quality Management Platform before 9.2.1.5545 has Incorrect Access Control.

Affected (1)

Products: Verint: Verba Collaboration Compliance And Quality Management Platform

1 product

Verba Collaboration Compliance And Quality Management Platform

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Verint Verba Collaboration Compliance And Quality Management Platform	Before 9.2.1.5545

Related CWEs

Insufficiently Protected Credentials

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

References (8)

http://packetstormsecurity.com/files/149651/Collaboration-Compliance-And-Quality-Management-Platform-9.1.1.5482-Disclosure.html

Source: cve@mitre.org

ExploitThird Party AdvisoryVDB Entry

https://releases.verba.com/?v=9.2

Source: cve@mitre.org

Broken LinkVendor Advisory

https://seclists.org/bugtraq/2018/Oct/12

Source: cve@mitre.org

ExploitMailing ListThird Party Advisory

https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-023.txt

Source: cve@mitre.org

ExploitThird Party Advisory

http://packetstormsecurity.com/files/149651/Collaboration-Compliance-And-Quality-Management-Platform-9.1.1.5482-Disclosure.html

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party AdvisoryVDB Entry

https://releases.verba.com/?v=9.2

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkVendor Advisory

https://seclists.org/bugtraq/2018/Oct/12

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitMailing ListThird Party Advisory

https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-023.txt

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.