CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-1202

IBM BigFix Compliance 1.7 through 1.9.91 (TEMA SUAv1 SCA SCM) is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 123677.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 26.9%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/123677
https://www-01.ibm.com/support/docview.wss?uid=ibm10737581
https://exchange.xforce.ibmcloud.com/vulnerabilities/123677
https://www-01.ibm.com/support/docview.wss?uid=ibm10737581

Products affected by CVE-2017-1202

Ibm » Bigfix Compliance » Version: 1.7

cpe:2.3:a:ibm:bigfix_compliance:1.7
Ibm » Bigfix Compliance » Version: 1.8

cpe:2.3:a:ibm:bigfix_compliance:1.8
Ibm » Bigfix Compliance » Version: 1.9.91

cpe:2.3:a:ibm:bigfix_compliance:1.9.91

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-1202

Products

Pricing

Contact Us