Lucene search

IBMAD6A539B5994B7DEA177488D2B7687880F9F5C61B437A1CA470EB4A61AD14F9D

HistoryFeb 21, 2022 - 4:46 a.m.

Security Bulletin: App Connect Professional is affected by Quick Emulator vulnerability

2022-02-2104:46:26

www.ibm.com

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.007 Low

EPSS

Percentile

79.8%

JSON

Summary

App Connect Professional have addressed the following vulnerability reported in Quick Emulator Library.

Vulnerability Details

CVEID:CVE-2017-15124
**DESCRIPTION:**Quick Emulator (QEMU) is vulnerable to a denial of service, caused by an unbounded memory allocation issue in the VNC server implementation. By connecting to the VNC server with remote VNC client, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/137387 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

Affected Product(s)	Version(s)
App Connect Professional	7.5.5.0

Remediation/Fixes

Product	Version	Remediation
App Connect Professional	7.5.5.0	755 Fixcentral link

Workarounds and Mitigations

None

CPENameOperatorVersion
app connect professionaleq755

CPE	Name	Operator	Version
	app connect professional	eq	755

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.007 Low

EPSS

Percentile

79.8%

JSON

Related for AD6A539B5994B7DEA177488D2B7687880F9F5C61B437A1CA470EB4A61AD14F9D