What is the severity of CVE-2017-1563?

CVE-2017-1563 has a medium severity rating due to its potential for cross-site scripting attacks.

How do I fix CVE-2017-1563?

To fix CVE-2017-1563, update IBM Doors Web Access to the latest version that addresses this vulnerability.

What types of attacks can exploit CVE-2017-1563?

CVE-2017-1563 can be exploited through cross-site scripting, allowing an attacker to execute arbitrary JavaScript in a victim's session.

Which IBM products are affected by CVE-2017-1563?

CVE-2017-1563 affects IBM Doors Web Access versions 9.5 and 9.6, as well as IBM Engineering Requirements Management DOORS.

Is user interaction required to exploit CVE-2017-1563?

Yes, user interaction is typically required to exploit CVE-2017-1563, as attackers would need to trick users into clicking on malicious links.

Vulnerability/
CVE-2017-1563

medium

5.4

CWE

26/1/2018

5/2/2025

CVE-2017-1563: XSS

First published: Fri Jan 26 2018(Updated: )

IBM Doors Web Access 9.5 and 9.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 131763.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
	>=9.5.0.0<=9.5.0.7
	>=9.5.1.0<=9.5.1.8
	>=9.5.2.0<=9.5.2.7
	>=9.6.0.0<=9.6.0.6
	>=9.6.1.0<=9.6.1.9
IBM Engineering Requirements Management DOORS	>=9.5.0.0<=9.5.0.7
IBM Engineering Requirements Management DOORS	>=9.5.1.0<=9.5.1.8
IBM Engineering Requirements Management DOORS	>=9.5.2.0<=9.5.2.7
IBM Engineering Requirements Management DOORS	>=9.6.0.0<=9.6.0.6
IBM Engineering Requirements Management DOORS	>=9.6.1.0<=9.6.1.9

Remedy

http://www.ibm.com/support/docview.wss?uid=swg22012789

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-1563?
CVE-2017-1563 has a medium severity rating due to its potential for cross-site scripting attacks.
How do I fix CVE-2017-1563?
To fix CVE-2017-1563, update IBM Doors Web Access to the latest version that addresses this vulnerability.
What types of attacks can exploit CVE-2017-1563?
CVE-2017-1563 can be exploited through cross-site scripting, allowing an attacker to execute arbitrary JavaScript in a victim's session.
Which IBM products are affected by CVE-2017-1563?
CVE-2017-1563 affects IBM Doors Web Access versions 9.5 and 9.6, as well as IBM Engineering Requirements Management DOORS.
Is user interaction required to exploit CVE-2017-1563?
Yes, user interaction is typically required to exploit CVE-2017-1563, as attackers would need to trick users into clicking on malicious links.

collector/nvd-index
agent/type
agent/remedy
agent/weakness
agent/author
agent/references
agent/severity
agent/description
collector/mitre-cve
source/MITRE
agent/first-publish-date
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/last-modified-date
agent/source
agent/softwarecombine
agent/tags
agent/event
vendor/ibm
canonical/ibm engineering requirements management doors
version/ibm engineering requirements management doors/9.5.0.0
version/ibm engineering requirements management doors/9.5.0.7
version/ibm engineering requirements management doors/9.5.1.0
version/ibm engineering requirements management doors/9.5.1.8
version/ibm engineering requirements management doors/9.5.2.0
version/ibm engineering requirements management doors/9.5.2.7
version/ibm engineering requirements management doors/9.6.0.0
version/ibm engineering requirements management doors/9.6.0.6
version/ibm engineering requirements management doors/9.6.1.0
version/ibm engineering requirements management doors/9.6.1.9