CVE-2017-20110

MEDIUM

Teleopti WFM <7.1.0 - Info Disclosure

Title source: llm
STIX 2.1

Description

A vulnerability, which was classified as problematic, has been found in Teleopti WFM up to 7.1.0. Affected by this issue is some unknown functionality of the component Administration. The manipulation as part of JSON leads to information disclosure (Credentials). The attack may be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue.

References (2)

Core 2
Core References
Exploit, Mailing List, Third Party Advisory x_refsource_misc
http://seclists.org/fulldisclosure/2017/Feb/13
Third Party Advisory x_refsource_misc
https://vuldb.com/?id.96806

Scores

CVSS v3 4.3
EPSS 0.0097
EPSS Percentile 57.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-200
Status published
Products (1)
calabrio/teleopti_workforce_management 6.9 - 7.1.0
Published Jun 29, 2022
Tracked Since Feb 18, 2026