Denial of Service Vulnerability in IBM Notes by IBM
CVE-2017-1130
6.5MEDIUM
Summary
IBM Notes versions 8.5 and 9.0 are susceptible to a denial of service vulnerability. An attacker can exploit this by convincing a user to click on a malicious link, which triggers multiple file select dialog boxes to open. This overwhelming process causes the application to hang, requiring a restart of the client to regain functionality. Proper precautions should be taken to avoid such exploits.
Affected Version(s)
Notes 8.5.3.6
Notes 8.5.2.4
Notes 9.0
References
EPSS Score
92% chance of being exploited in the next 30 days.
CVSS V3.1
Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved