Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBMCF527A709EE63A60E0F3E1E7EA6A7F425FA07C13A0BA3DAA803D893BCD12D845
HistoryJan 28, 2021 - 7:16 p.m.

Security Bulletin: Daeja ViewONE Professional, Standard & Virtual does not have limits for large or slow workloads.

2021-01-2819:16:14
www.ibm.com
13

0.001 Low

EPSS

Percentile

35.4%

JSON

Summary

ViewONE does not ensure that content is small enough before completing work, nor does it have timeouts for some processes.

Vulnerability Details

CVEID: CVE-2017-1212**
DESCRIPTION:** IBM Daeja ViewONE Professional, Standard & Virtual is vulnerable to a denial of service when viewing or opening a large file.
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/123852 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)

Affected Products and Versions

Product Name

|

Affected Versions

—|—
Daeja ViewONE Virtual| 5.0.0
Daeja ViewONE Professional, Standard & Virtual| 4.1.5

Remediation/Fixes

Customer should apply the version of ViewONE that contains the fixes.

Product

|

VRMF

|

APAR

|

Remediation / First Fix

—|—|—|—
Daeja ViewONE Virtual| 5.0.0| NA| Use IBM Daeja ViewONE Virtual 5.0.2.0 iFix001
Daeja ViewONE Professional, Standard & Virtual| 4.1.5| NA| Use IBM Daeja ViewONE 4.1.5.1 iFix022

Workarounds and Mitigations

None

Related

cvelist 1
nvd 1
cve 1
prion 1
cvelist
cvelist
CVE-2017-1212
2017-09-18 00:00:00
nvd
nvd
CVE-2017-1212
2017-10-24 21:29:00
cve
cve
CVE-2017-1212
2017-10-24 21:29:00
prion
prion
Denial of service
2017-10-24 21:29:00

0.001 Low

EPSS

Percentile

35.4%

JSON
Related for CF527A709EE63A60E0F3E1E7EA6A7F425FA07C13A0BA3DAA803D893BCD12D845
cvelist1nvd1cve1prion1