Vulnerability Details CVE-2017-1711
IBM iNotes 8.5 and 9.0 SUService can be misguided into running malicious code from a DLL masquerading as a windows DLL in the temp directory. IBM X-Force ID: 134532.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.1%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 6.8
References
- http://www.ibm.com/support/docview.wss?uid=swg22010774
- http://www.ibm.com/support/docview.wss?uid=swg22010775
- https://exchange.xforce.ibmcloud.com/vulnerabilities/134532
- http://www.ibm.com/support/docview.wss?uid=swg22010774
- http://www.ibm.com/support/docview.wss?uid=swg22010775
- https://exchange.xforce.ibmcloud.com/vulnerabilities/134532
Products affected by CVE-2017-1711
-
cpe:2.3:a:ibm:client_application_access:1.0.1.0
-
cpe:2.3:a:ibm:client_application_access:1.0.1.1
-
cpe:2.3:a:ibm:client_application_access:1.0.1.2
-
cpe:2.3:a:ibm:notes:8.5.0.0
-
cpe:2.3:a:ibm:notes:8.5.1.0
-
cpe:2.3:a:ibm:notes:8.5.2.0
-
cpe:2.3:a:ibm:notes:8.5.3.0
-
cpe:2.3:a:ibm:notes:9.0.0.0
-
cpe:2.3:a:ibm:notes:9.0.1.0