Remote Information Disclosure in IBM Marketing Operations
CVE-2017-1119

4.3MEDIUM

Key Information:

Vendor: IBM
Status: Marketing Operations
Vendor: CVE Published:; 9 November 2018

What is CVE-2017-1119?

A vulnerability in IBM Marketing Operations could enable a remote attacker to access sensitive information. By sending a specifically crafted request, an attacker may trigger an error message revealing the full root path of the system. This exposure can facilitate further attacks, significantly increasing the risk to system integrity and secure data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Marketing Operations 9.1.2

Marketing Operations 10.1

Marketing Operations 9.1.0

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/121171

vdb-entryx_refsource_XF

http://www.ibm.com/support/docview.wss?uid=ibm10738519

x_refsource_CONFIRM

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 9, 2018
Vulnerability Reserved
Nov 30, 2016

JSON

IBM