Email Information Disclosure Vulnerability in IBM iNotes
CVE-2017-1214

5.7MEDIUM

Key Information:

Vendor
IBM
Status
Inotes
Vendor
CVE Published:
12 June 2017

Summary

IBM iNotes versions 8.5 and 9.0 are susceptible to a vulnerability that enables remote attackers to send specially crafted emails. When the victim opens such an email, it could lead to unintended information disclosure, thereby compromising sensitive data. This vulnerability emphasizes the need for organizations to implement robust email security protocols and awareness training to mitigate potential threats.

Affected Version(s)

iNotes 9.0

iNotes 8.5.3

iNotes 8.5.2

References

http://www.securitytracker.com/id/1038654
vdb-entryx_refsource_SECTRACK
https://exchange.xforce.ibmcloud.com/vulnerabilities/123854
x_refsource_MISC
http://www.ibm.com/support/docview.wss?uid=swg22002015
x_refsource_CONFIRM

CVSS V3.1

Score:
5.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.