What is the severity of CVE-2017-1207?

CVE-2017-1207 has a medium severity rating due to the exposure of user credentials in plain text.

How do I fix CVE-2017-1207?

To fix CVE-2017-1207, secure user credentials by storing them in an encrypted format and apply any available patches from IBM.

Which versions are affected by CVE-2017-1207?

CVE-2017-1207 affects IBM WebSphere Message Broker versions 8.0.0.0 through 8.0.0.7 and IBM Integration Bus versions 9.0.0 through 10.0.7.

What are the risks associated with CVE-2017-1207?

The risks associated with CVE-2017-1207 include unauthorized access to user credentials by local users, potentially leading to data breaches.

Is there a workaround for CVE-2017-1207?

While the recommended solution is to patch the software, an immediate workaround includes implementing strict access controls to limit local user access.

Vulnerability/
CVE-2017-1207

medium

5.5

CWE

522

5/7/2017

17/9/2024

CVE-2017-1207

First published: Wed Jul 05 2017(Updated: )

IBM WebSphere Message Broker stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 123777.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM WebSphere Message Broker	=8.0.0.0
IBM WebSphere Message Broker	=8.0.0.1
IBM WebSphere Message Broker	=8.0.0.2
IBM WebSphere Message Broker	=8.0.0.3
IBM WebSphere Message Broker	=8.0.0.4
IBM WebSphere Message Broker	=8.0.0.5
IBM WebSphere Message Broker	=8.0.0.6
IBM WebSphere Message Broker	=8.0.0.7
IBM Integration Bus	=9.0.0
IBM Integration Bus	=9.0.0.1
IBM Integration Bus	=9.0.0.2
IBM Integration Bus	=9.0.0.3
IBM Integration Bus	=9.0.0.4
IBM Integration Bus	=9.0.0.5
IBM Integration Bus	=9.0.0.6
IBM Integration Bus	=9.0.0.7
IBM Integration Bus	=10.0.0
IBM Integration Bus	=10.0.0.1
IBM Integration Bus	=10.0.0.2
IBM Integration Bus	=10.0.0.3
IBM Integration Bus	=10.0.0.4
IBM Integration Bus	=10.0.0.5
IBM Integration Bus	=10.0.0.6
IBM Integration Bus	=10.0.0.7

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-1207?
CVE-2017-1207 has a medium severity rating due to the exposure of user credentials in plain text.
How do I fix CVE-2017-1207?
To fix CVE-2017-1207, secure user credentials by storing them in an encrypted format and apply any available patches from IBM.
Which versions are affected by CVE-2017-1207?
CVE-2017-1207 affects IBM WebSphere Message Broker versions 8.0.0.0 through 8.0.0.7 and IBM Integration Bus versions 9.0.0 through 10.0.7.
What are the risks associated with CVE-2017-1207?
The risks associated with CVE-2017-1207 include unauthorized access to user credentials by local users, potentially leading to data breaches.
Is there a workaround for CVE-2017-1207?
While the recommended solution is to patch the software, an immediate workaround includes implementing strict access controls to limit local user access.

collector/nvd-index
agent/type
agent/softwarecombine
agent/weakness
agent/author
agent/references
agent/severity
agent/description
agent/tags
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
vendor/ibm
canonical/ibm websphere message broker
version/ibm websphere message broker/8.0.0.0
version/ibm websphere message broker/8.0.0.1
version/ibm websphere message broker/8.0.0.2
version/ibm websphere message broker/8.0.0.3
version/ibm websphere message broker/8.0.0.4
version/ibm websphere message broker/8.0.0.5
version/ibm websphere message broker/8.0.0.6
version/ibm websphere message broker/8.0.0.7
canonical/ibm integration bus
version/ibm integration bus/9.0.0
version/ibm integration bus/9.0.0.1
version/ibm integration bus/9.0.0.2
version/ibm integration bus/9.0.0.3
version/ibm integration bus/9.0.0.4
version/ibm integration bus/9.0.0.5
version/ibm integration bus/9.0.0.6
version/ibm integration bus/9.0.0.7
version/ibm integration bus/10.0.0
version/ibm integration bus/10.0.0.1
version/ibm integration bus/10.0.0.2
version/ibm integration bus/10.0.0.3
version/ibm integration bus/10.0.0.4
version/ibm integration bus/10.0.0.5
version/ibm integration bus/10.0.0.6
version/ibm integration bus/10.0.0.7

Frequently Asked Questions

What is the severity of CVE-2017-1207?
CVE-2017-1207 has a medium severity rating due to the exposure of user credentials in plain text.
How do I fix CVE-2017-1207?
To fix CVE-2017-1207, secure user credentials by storing them in an encrypted format and apply any available patches from IBM.
Which versions are affected by CVE-2017-1207?
CVE-2017-1207 affects IBM WebSphere Message Broker versions 8.0.0.0 through 8.0.0.7 and IBM Integration Bus versions 9.0.0 through 10.0.7.
What are the risks associated with CVE-2017-1207?
The risks associated with CVE-2017-1207 include unauthorized access to user credentials by local users, potentially leading to data breaches.
Is there a workaround for CVE-2017-1207?
While the recommended solution is to patch the software, an immediate workaround includes implementing strict access controls to limit local user access.

CVE-2017-1207

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-1207?

How do I fix CVE-2017-1207?

Which versions are affected by CVE-2017-1207?

What are the risks associated with CVE-2017-1207?

Is there a workaround for CVE-2017-1207?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2017-1207?

How do I fix CVE-2017-1207?

Which versions are affected by CVE-2017-1207?

What are the risks associated with CVE-2017-1207?

Is there a workaround for CVE-2017-1207?