CVE-2017-1768

MEDIUM

IBM Security Guardium Big Data Intelligence - Information Disclosure

Title source: rule

Description

IBM Security Guardium Big Data Intelligence (SonarG) 3.1 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 136471.

Exploits (1)

github WORKING POC

by AmazingOut · cpoc

https://github.com/AmazingOut/CVE_POC/tree/main/CVE-2017-1768

View Code ZIP pw:eip

References (3)

[Patch, Vendor Advisory] http://www.ibm.com/support/docview.wss?uid=swg22016515

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/104493

[VDB Entry, Vendor Advisory] https://exchange.xforce.ibmcloud.com/vulnerabilities/136471

Scores

CVSS v3 4.3

EPSS 0.0023

EPSS Percentile 45.8%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Details

CWE

CWE-200

Status published

Products (1)

ibm/security_guardium_big_data_intelligence 3.1

Published May 29, 2018

Tracked Since Feb 18, 2026