What is the severity of CVE-2017-1567?

CVE-2017-1567 has a medium severity rating due to its potential for cross-site scripting attacks.

How do I fix CVE-2017-1567?

To fix CVE-2017-1567, upgrade IBM Doors Web Access to version 9.6.1.9 or later.

What systems are affected by CVE-2017-1567?

CVE-2017-1567 affects IBM Doors Web Access versions 9.5 and 9.6, including specific minor versions.

What could a successful exploitation of CVE-2017-1567 allow an attacker to do?

Successful exploitation of CVE-2017-1567 could allow an attacker to execute arbitrary JavaScript code, potentially leading to credential disclosure.

Is CVE-2017-1567 a common vulnerability?

CVE-2017-1567 is a known vulnerability affecting multiple installations of IBM's Requirements Management tools, making it significant in security assessments.

Vulnerability/
CVE-2017-1567

medium

5.4

CWE

26/1/2018

5/2/2025

CVE-2017-1567: XSS

First published: Fri Jan 26 2018(Updated: )

IBM Doors Web Access 9.5 and 9.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 131769.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM Engineering Requirements Management DOORS Web Access	>=9.5.0.0<=9.5.0.7
IBM Engineering Requirements Management DOORS Web Access	>=9.5.1.0<=9.5.1.8
IBM Engineering Requirements Management DOORS Web Access	>=9.5.2.0<=9.5.2.7
IBM Engineering Requirements Management DOORS Web Access	>=9.6.0.0<=9.6.0.6
IBM Engineering Requirements Management DOORS Web Access	>=9.6.1.0<=9.6.1.9
IBM Engineering Requirements Management DOORS	>=9.5.0.0<=9.5.0.7
IBM Engineering Requirements Management DOORS	>=9.5.1.0<=9.5.1.8
IBM Engineering Requirements Management DOORS	>=9.5.2.0<=9.5.2.7
IBM Engineering Requirements Management DOORS	>=9.6.0.0<=9.6.0.6
IBM Engineering Requirements Management DOORS	>=9.6.1.0<=9.6.1.9

Remedy

http://www.ibm.com/support/docview.wss?uid=swg22012789

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-1567?
CVE-2017-1567 has a medium severity rating due to its potential for cross-site scripting attacks.
How do I fix CVE-2017-1567?
To fix CVE-2017-1567, upgrade IBM Doors Web Access to version 9.6.1.9 or later.
What systems are affected by CVE-2017-1567?
CVE-2017-1567 affects IBM Doors Web Access versions 9.5 and 9.6, including specific minor versions.
What could a successful exploitation of CVE-2017-1567 allow an attacker to do?
Successful exploitation of CVE-2017-1567 could allow an attacker to execute arbitrary JavaScript code, potentially leading to credential disclosure.
Is CVE-2017-1567 a common vulnerability?
CVE-2017-1567 is a known vulnerability affecting multiple installations of IBM's Requirements Management tools, making it significant in security assessments.

agent/type
agent/remedy
agent/weakness
agent/author
agent/references
agent/severity
agent/description
collector/mitre-cve
source/MITRE
agent/first-publish-date
agent/last-modified-date
agent/source
agent/event
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
agent/softwarecombine
agent/tags
collector/nvd-index
vendor/ibm
canonical/ibm engineering requirements management doors web access
version/ibm engineering requirements management doors web access/9.5.0.0
version/ibm engineering requirements management doors web access/9.5.0.7
version/ibm engineering requirements management doors web access/9.5.1.0
version/ibm engineering requirements management doors web access/9.5.1.8
version/ibm engineering requirements management doors web access/9.5.2.0
version/ibm engineering requirements management doors web access/9.5.2.7
version/ibm engineering requirements management doors web access/9.6.0.0
version/ibm engineering requirements management doors web access/9.6.0.6
version/ibm engineering requirements management doors web access/9.6.1.0
version/ibm engineering requirements management doors web access/9.6.1.9
canonical/ibm engineering requirements management doors
version/ibm engineering requirements management doors/9.5.0.0
version/ibm engineering requirements management doors/9.5.0.7
version/ibm engineering requirements management doors/9.5.1.0
version/ibm engineering requirements management doors/9.5.1.8
version/ibm engineering requirements management doors/9.5.2.0
version/ibm engineering requirements management doors/9.5.2.7
version/ibm engineering requirements management doors/9.6.0.0
version/ibm engineering requirements management doors/9.6.0.6
version/ibm engineering requirements management doors/9.6.1.0
version/ibm engineering requirements management doors/9.6.1.9