Vulnerability-Lookup

CVE-2017-9368 (GCVE-0-2017-9368)

Vulnerability from cvelistv5 – Published: 2017-10-16 21:00 – Updated: 2024-09-17 03:37

Summary

Severity ?

No CVSS data available.

CWE

Information disclosure

Assigner

blackberry

References

URL

	Vendor	Product	Version
	BlackBerry	Workspaces Server	Affected: BlackBerry Workspaces Server components Appliance-X 1.11.0 to 1.11.2, vApp versions 5.6.0 to 5.6.6, and vApp versions 5.5.9 and earlier

GHSA-V5J2-7W6J-265J

Vulnerability from github – Published: 2022-05-17 00:25 – Updated: 2022-05-17 00:25

Details

Severity ?

7.5 (High)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-9368"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-10-16T21:29:00Z",
    "severity": "HIGH"
  },
  "details": "An information disclosure vulnerability in the BlackBerry Workspaces Server could result in an attacker gaining access to source code for server-side applications by crafting a request for specific files.",
  "id": "GHSA-v5j2-7w6j-265j",
  "modified": "2022-05-17T00:25:08Z",
  "published": "2022-05-17T00:25:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9368"
    },
    {
      "type": "WEB",
      "url": "http://support.blackberry.com/kb/articleDetail?language=en_US\u0026articleNumber=000045696"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/96542"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2017-9368

Vulnerability from fkie_nvd - Published: 2017-10-16 21:29 - Updated: 2025-04-20 01:37

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

References

URL	Tags
secure@blackberry.com	http://support.blackberry.com/kb/articleDetail?language=en_US&articleNumber=000045696	Vendor Advisory
secure@blackberry.com	http://www.securityfocus.com/bid/96542	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://support.blackberry.com/kb/articleDetail?language=en_US&articleNumber=000045696	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/96542	Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
blackberry	workspaces_vapp	5.5.0
blackberry	workspaces_vapp	5.5.1
blackberry	workspaces_vapp	5.5.2
blackberry	workspaces_vapp	5.5.3
blackberry	workspaces_vapp	5.5.4
blackberry	workspaces_vapp	5.5.5
blackberry	workspaces_vapp	5.5.6
blackberry	workspaces_vapp	5.5.7
blackberry	workspaces_vapp	5.5.8
blackberry	workspaces_vapp	5.5.9
blackberry	workspaces_vapp	5.6.0
blackberry	workspaces_vapp	5.6.1
blackberry	workspaces_vapp	5.6.2
blackberry	workspaces_vapp	5.6.3
blackberry	workspaces_vapp	5.6.4
blackberry	workspaces_vapp	5.6.5
blackberry	workspaces_vapp	5.6.6
blackberry	workspaces_appliance-x	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:blackberry:workspaces_vapp:5.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F375EEB-9B67-4E8C-B59D-5E45D5744AC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:blackberry:workspaces_vapp:5.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CBC4987-A09A-44AD-B691-59AB62ACC9EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:blackberry:workspaces_vapp:5.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "449009A5-0F54-41D5-BE49-EADE65F77CFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:blackberry:workspaces_vapp:5.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "79496E2E-38D9-4707-987D-521FD417ABC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:blackberry:workspaces_vapp:5.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA490F11-2C67-4A29-A831-BB218E52779F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:blackberry:workspaces_vapp:5.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED290A07-6623-49F1-BC2F-58696CEE45F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:blackberry:workspaces_vapp:5.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "72F68629-73B5-41FB-8ABE-3B49FCCF3841",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:blackberry:workspaces_vapp:5.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1AFC2FF-5093-4761-B72A-8D22601A965F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:blackberry:workspaces_vapp:5.5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7FAC0CA-253B-4013-B89A-B180D95E3310",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:blackberry:workspaces_vapp:5.5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "67D6DDE0-5DEE-406B-B96A-6C7A203BB368",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:blackberry:workspaces_vapp:5.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "964BBFE6-AFCC-4577-8F84-D4F71D507060",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:blackberry:workspaces_vapp:5.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "416765A7-911E-4327-80F0-3CA4B2A09B2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:blackberry:workspaces_vapp:5.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFB80B3C-3EF0-427C-B9FE-DD54F248DD13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:blackberry:workspaces_vapp:5.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF721FB8-0BA8-4792-B409-CE71CDCF5ACE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:blackberry:workspaces_vapp:5.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1F96B35-BF5D-4254-A9EA-972997DD70CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:blackberry:workspaces_vapp:5.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "55D0A794-854B-40FE-A95B-776D469F426E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:blackberry:workspaces_vapp:5.6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A47B0C9-6C09-4A5F-A473-C82618822041",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:blackberry:workspaces_appliance-x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "693F0340-B3E0-48B5-8DFF-E77CC8E70315",
              "versionEndIncluding": "1.11.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An information disclosure vulnerability in the BlackBerry Workspaces Server could result in an attacker gaining access to source code for server-side applications by crafting a request for specific files."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en BlackBerry Workspaces Server podr\u00eda resultar en un atacante obteniendo acceso al c\u00f3digo fuente para las aplicaciones del lado del servidor manipulando una petici\u00f3n para archivos espec\u00edficos."
    }
  ],
  "id": "CVE-2017-9368",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-10-16T21:29:00.307",
  "references": [
    {
      "source": "secure@blackberry.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.blackberry.com/kb/articleDetail?language=en_US\u0026articleNumber=000045696"
    },
    {
      "source": "secure@blackberry.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/96542"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.blackberry.com/kb/articleDetail?language=en_US\u0026articleNumber=000045696"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/96542"
    }
  ],
  "sourceIdentifier": "secure@blackberry.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CNVD-2017-02369

Vulnerability from cnvd - Published: 2017-03-04

Title

Eaton xComfort Ethernet Communication Interface（ECI）信息泄露漏洞

Description

xComfort Ethernet Communication Interface（ECI）是一款建筑自动化系统。 Eaton xComfort Ethernet Communication Interface（ECI）1.07及之前的版本存在信息泄露漏洞，远程攻击者可利用漏洞在未经身份验证时，访问备份文件和系统日志。

Severity

高

Patch Name

Eaton xComfort Ethernet Communication Interface（ECI）信息泄露漏洞的补丁

Patch Description

Formal description

厂商已经发布升级版本，建议受影响的用户及时下载更新： http://www.eaton.eu/Europe/Electrical/ProductsServices/Residential/xComfort-RFSmartHomeSolutions/index.htm?wtredirect=www.eaton.eu/xcomfort#tabs-11（link is external）

Reference

https://ics-cert.us-cert.gov/advisories/ICSA-17-061-01 http://www.securityfocus.com/bid/96542/

Impacted products

Name
Eaton xComfort Ethernet Communication Interface（ECI） <=1.07

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "96542"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-9368"
    }
  },
  "description": "xComfort Ethernet Communication Interface\uff08ECI\uff09\u662f\u4e00\u6b3e\u5efa\u7b51\u81ea\u52a8\u5316\u7cfb\u7edf\u3002\r\n\r\nEaton xComfort Ethernet Communication Interface\uff08ECI\uff091.07\u53ca\u4e4b\u524d\u7684\u7248\u672c\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u5728\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u65f6\uff0c\u8bbf\u95ee\u5907\u4efd\u6587\u4ef6\u548c\u7cfb\u7edf\u65e5\u5fd7\u3002",
  "discovererName": "Maxim Rupp.",
  "formalWay": "\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u5347\u7ea7\u7248\u672c\uff0c\u5efa\u8bae\u53d7\u5f71\u54cd\u7684\u7528\u6237\u53ca\u65f6\u4e0b\u8f7d\u66f4\u65b0\uff1a\r\nhttp://www.eaton.eu/Europe/Electrical/ProductsServices/Residential/xComfort-RFSmartHomeSolutions/index.htm?wtredirect=www.eaton.eu/xcomfort#tabs-11\uff08link is external\uff09",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-02369",
  "openTime": "2017-03-04",
  "patchDescription": "xComfort Ethernet Communication Interface\uff08ECI\uff09\u662f\u4e00\u6b3e\u5efa\u7b51\u81ea\u52a8\u5316\u7cfb\u7edf\u3002\r\n\r\nEaton xComfort Ethernet Communication Interface\uff08ECI\uff091.07\u53ca\u4e4b\u524d\u7684\u7248\u672c\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u5728\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u65f6\uff0c\u8bbf\u95ee\u5907\u4efd\u6587\u4ef6\u548c\u7cfb\u7edf\u65e5\u5fd7\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Eaton xComfort Ethernet Communication Interface\uff08ECI\uff09\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Eaton xComfort Ethernet Communication Interface\uff08ECI\uff09 \u003c=1.07"
  },
  "referenceLink": "https://ics-cert.us-cert.gov/advisories/ICSA-17-061-01\r\nhttp://www.securityfocus.com/bid/96542/",
  "serverity": "\u9ad8",
  "submitTime": "2017-03-02",
  "title": "Eaton xComfort Ethernet Communication Interface\uff08ECI\uff09\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e"
}

GSD-2017-9368

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2017-9368

Aliases

CVE-2017-9368

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-9368",
    "description": "An information disclosure vulnerability in the BlackBerry Workspaces Server could result in an attacker gaining access to source code for server-side applications by crafting a request for specific files.",
    "id": "GSD-2017-9368"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-9368"
      ],
      "details": "An information disclosure vulnerability in the BlackBerry Workspaces Server could result in an attacker gaining access to source code for server-side applications by crafting a request for specific files.",
      "id": "GSD-2017-9368",
      "modified": "2023-12-13T01:21:08.014747Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@blackberry.com",
        "DATE_PUBLIC": "2017-10-16T00:00:00",
        "ID": "CVE-2017-9368",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Workspaces Server",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "BlackBerry Workspaces Server components Appliance-X 1.11.0 to 1.11.2, vApp versions 5.6.0 to 5.6.6, and vApp versions 5.5.9 and earlier"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "BlackBerry"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "An information disclosure vulnerability in the BlackBerry Workspaces Server could result in an attacker gaining access to source code for server-side applications by crafting a request for specific files."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Information disclosure"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "96542",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/96542"
          },
          {
            "name": "http://support.blackberry.com/kb/articleDetail?language=en_US\u0026articleNumber=000045696",
            "refsource": "CONFIRM",
            "url": "http://support.blackberry.com/kb/articleDetail?language=en_US\u0026articleNumber=000045696"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:blackberry:workspaces_vapp:5.5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:blackberry:workspaces_vapp:5.5.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:blackberry:workspaces_vapp:5.5.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:blackberry:workspaces_vapp:5.5.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:blackberry:workspaces_vapp:5.5.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:blackberry:workspaces_vapp:5.5.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:blackberry:workspaces_vapp:5.5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:blackberry:workspaces_vapp:5.5.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:blackberry:workspaces_vapp:5.5.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:blackberry:workspaces_vapp:5.5.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:blackberry:workspaces_vapp:5.6.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:blackberry:workspaces_vapp:5.6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:blackberry:workspaces_vapp:5.6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:blackberry:workspaces_vapp:5.6.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:blackberry:workspaces_vapp:5.6.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:blackberry:workspaces_vapp:5.6.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:blackberry:workspaces_vapp:5.6.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:blackberry:workspaces_appliance-x:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.11.2",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@blackberry.com",
          "ID": "CVE-2017-9368"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "An information disclosure vulnerability in the BlackBerry Workspaces Server could result in an attacker gaining access to source code for server-side applications by crafting a request for specific files."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-200"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.blackberry.com/kb/articleDetail?language=en_US\u0026articleNumber=000045696",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://support.blackberry.com/kb/articleDetail?language=en_US\u0026articleNumber=000045696"
            },
            {
              "name": "96542",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/96542"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2017-11-08T18:44Z",
      "publishedDate": "2017-10-16T21:29Z"
    }
  }
}

VAR-201710-1334

Vulnerability from variot - Updated: 2025-04-20 23:40

An information disclosure vulnerability in the BlackBerry Workspaces Server could result in an attacker gaining access to source code for server-side applications by crafting a request for specific files. xComfortEthernetCommunicationInterface (ECI) is a building automation system. An information disclosure vulnerability exists in EatonxComfortEthernetCommunicationInterface (ECI) version 1.07 and earlier, which allows remote attackers to access backup files and system logs when they are not authenticated. Eaton xComfort Ethernet Communication Interface is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may lead to further attacks. Eaton xComfort Ethernet Communication Interface 1.07 and prior versions are vulnerable

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201710-1334",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "workspaces vapp",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "blackberry",
        "version": "5.5.3"
      },
      {
        "model": "workspaces vapp",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "blackberry",
        "version": "5.5.0"
      },
      {
        "model": "workspaces vapp",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "blackberry",
        "version": "5.5.6"
      },
      {
        "model": "workspaces vapp",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "blackberry",
        "version": "5.5.2"
      },
      {
        "model": "workspaces vapp",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "blackberry",
        "version": "5.5.4"
      },
      {
        "model": "workspaces vapp",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "blackberry",
        "version": "5.5.1"
      },
      {
        "model": "workspaces vapp",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "blackberry",
        "version": "5.5.5"
      },
      {
        "model": "workspaces vapp",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "blackberry",
        "version": "5.5.8"
      },
      {
        "model": "workspaces vapp",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "blackberry",
        "version": "5.5.9"
      },
      {
        "model": "workspaces vapp",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "blackberry",
        "version": "5.5.7"
      },
      {
        "model": "workspaces vapp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "blackberry",
        "version": "5.6.2"
      },
      {
        "model": "workspaces vapp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "blackberry",
        "version": "5.6.0"
      },
      {
        "model": "workspaces vapp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "blackberry",
        "version": "5.6.3"
      },
      {
        "model": "workspaces vapp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "blackberry",
        "version": "5.6.4"
      },
      {
        "model": "workspaces vapp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "blackberry",
        "version": "5.6.6"
      },
      {
        "model": "workspaces vapp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "blackberry",
        "version": "5.6.1"
      },
      {
        "model": "workspaces vapp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "blackberry",
        "version": "5.6.5"
      },
      {
        "model": "workspaces appliance-x",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "blackberry",
        "version": "1.11.2"
      },
      {
        "model": "appliance-x",
        "scope": null,
        "trust": 0.8,
        "vendor": "blackberry",
        "version": null
      },
      {
        "model": "vapp",
        "scope": null,
        "trust": 0.8,
        "vendor": "blackberry",
        "version": null
      },
      {
        "model": "xcomfort ethernet communication interface",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "eaton",
        "version": "\u003c=1.07"
      },
      {
        "model": "xcomfort eci",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "eaton",
        "version": "1.07"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-02369"
      },
      {
        "db": "BID",
        "id": "96542"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009499"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-089"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-9368"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:blackberry:workspaces_appliance-x",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:blackberry:vapp",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009499"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Maxim Rupp.",
    "sources": [
      {
        "db": "BID",
        "id": "96542"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2017-9368",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2017-9368",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 7.8,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2017-02369",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2017-9368",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-9368",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-9368",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-02369",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201703-089",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-02369"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009499"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-089"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-9368"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "An information disclosure vulnerability in the BlackBerry Workspaces Server could result in an attacker gaining access to source code for server-side applications by crafting a request for specific files. xComfortEthernetCommunicationInterface (ECI) is a building automation system. An information disclosure vulnerability exists in EatonxComfortEthernetCommunicationInterface (ECI) version 1.07 and earlier, which allows remote attackers to access backup files and system logs when they are not authenticated. Eaton xComfort Ethernet Communication Interface is prone to an information-disclosure vulnerability. \nAn attacker can exploit this issue to gain access to sensitive information that may lead to further attacks. \nEaton xComfort Ethernet Communication Interface 1.07 and prior versions are vulnerable",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-9368"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009499"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-02369"
      },
      {
        "db": "BID",
        "id": "96542"
      }
    ],
    "trust": 2.43
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-9368",
        "trust": 3.3
      },
      {
        "db": "BID",
        "id": "96542",
        "trust": 1.9
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-17-061-01",
        "trust": 1.5
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009499",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-02369",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-089",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-02369"
      },
      {
        "db": "BID",
        "id": "96542"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009499"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-089"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-9368"
      }
    ]
  },
  "id": "VAR-201710-1334",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-02369"
      }
    ],
    "trust": 1.2999999999999998
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-02369"
      }
    ]
  },
  "last_update_date": "2025-04-20T23:40:11.073000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "BSRT-2017-006 Vulnerabilities in Workspaces Server components impact BlackBerry Workspaces",
        "trust": 0.8,
        "url": "http://support.blackberry.com/kb/articleDetail?language=en_US\u0026articleNumber=000045696"
      },
      {
        "title": "EatonxComfortEthernetCommunicationInterface(ECI) Patch for Information Disclosure Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/89970"
      },
      {
        "title": "Eaton xComfort ECI Fixes for access control error vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=67987"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-02369"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009499"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-089"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-200",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009499"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-9368"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.6,
        "url": "http://support.blackberry.com/kb/articledetail?language=en_us\u0026articlenumber=000045696"
      },
      {
        "trust": 1.5,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-061-01"
      },
      {
        "trust": 1.0,
        "url": "http://www.securityfocus.com/bid/96542"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-9368"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-9368"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/96542/"
      },
      {
        "trust": 0.3,
        "url": "http://www.eaton.eu/europe/index.htm"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-02369"
      },
      {
        "db": "BID",
        "id": "96542"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009499"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-089"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-9368"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-02369"
      },
      {
        "db": "BID",
        "id": "96542"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009499"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-089"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-9368"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-03-04T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-02369"
      },
      {
        "date": "2017-03-02T00:00:00",
        "db": "BID",
        "id": "96542"
      },
      {
        "date": "2017-11-14T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-009499"
      },
      {
        "date": "2017-03-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201703-089"
      },
      {
        "date": "2017-10-16T21:29:00.307000",
        "db": "NVD",
        "id": "CVE-2017-9368"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-03-20T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-02369"
      },
      {
        "date": "2017-03-07T01:09:00",
        "db": "BID",
        "id": "96542"
      },
      {
        "date": "2017-11-14T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-009499"
      },
      {
        "date": "2017-10-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201703-089"
      },
      {
        "date": "2025-04-20T01:37:25.860000",
        "db": "NVD",
        "id": "CVE-2017-9368"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-089"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "BlackBerry Workspaces Server Vulnerable to information disclosure",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009499"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "information disclosure",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-089"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2017-9368 (GCVE-0-2017-9368)

GHSA-V5J2-7W6J-265J

FKIE_CVE-2017-9368

CNVD-2017-02369

GSD-2017-9368

VAR-201710-1334

Tags

Sightings

Nomenclature