What is the vulnerability ID of this vulnerability?

The vulnerability ID of this vulnerability is CVE-2017-1694.

What is the severity level of CVE-2017-1694?

The severity level of CVE-2017-1694 is high with a severity value of 8.1.

What is the affected software for CVE-2017-1694?

The affected software for CVE-2017-1694 is IBM Integration Bus versions 9.0.0.0 to 9.0.0.9 and 10.0.0.0 to 10.0.0.9.

How does CVE-2017-1694 affect IBM Integration Bus?

CVE-2017-1694 allows an attacker to intercept and read user credentials in plain text when transmitted by IBM Integration Bus versions 9.0 and 10.0.

Is there a fix available for CVE-2017-1694?

Yes, IBM has provided security patches to address the vulnerability. Please refer to the IBM Security Bulletin for more information.

Vulnerability/
CVE-2017-1694

high

8.1

CWE

319

20/12/2017

16/9/2024

CVE-2017-1694

First published: Wed Dec 20 2017(Updated: )

IBM Integration Bus 9.0 and 10.0 transmits user credentials in plain in clear text which can be read by an attacker using man in the middle techniques. IBM X-Force ID: 134165.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM Integration Bus	=9.0.0.0
IBM Integration Bus	=9.0.0.1
IBM Integration Bus	=9.0.0.2
IBM Integration Bus	=9.0.0.3
IBM Integration Bus	=9.0.0.4
IBM Integration Bus	=9.0.0.5
IBM Integration Bus	=9.0.0.6
IBM Integration Bus	=9.0.0.7
IBM Integration Bus	=9.0.0.8
IBM Integration Bus	=9.0.0.9
IBM Integration Bus	=10.0.0.0
IBM Integration Bus	=10.0.0.1
IBM Integration Bus	=10.0.0.2
IBM Integration Bus	=10.0.0.3
IBM Integration Bus	=10.0.0.4
IBM Integration Bus	=10.0.0.5
IBM Integration Bus	=10.0.0.6
IBM Integration Bus	=10.0.0.7
IBM Integration Bus	=10.0.0.8
IBM Integration Bus	=10.0.0.9

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the vulnerability ID of this vulnerability?
The vulnerability ID of this vulnerability is CVE-2017-1694.
What is the severity level of CVE-2017-1694?
The severity level of CVE-2017-1694 is high with a severity value of 8.1.
What is the affected software for CVE-2017-1694?
The affected software for CVE-2017-1694 is IBM Integration Bus versions 9.0.0.0 to 9.0.0.9 and 10.0.0.0 to 10.0.0.9.
How does CVE-2017-1694 affect IBM Integration Bus?
CVE-2017-1694 allows an attacker to intercept and read user credentials in plain text when transmitted by IBM Integration Bus versions 9.0 and 10.0.
Is there a fix available for CVE-2017-1694?
Yes, IBM has provided security patches to address the vulnerability. Please refer to the IBM Security Bulletin for more information.

collector/nvd-index
agent/severity
agent/author
agent/type
agent/event
agent/weakness
agent/references
agent/description
agent/softwarecombine
agent/first-publish-date
agent/last-modified-date
agent/tags
collector/mitre-cve
source/MITRE
vendor/ibm
canonical/ibm integration bus
version/ibm integration bus/9.0.0.0
version/ibm integration bus/9.0.0.1
version/ibm integration bus/9.0.0.2
version/ibm integration bus/9.0.0.3
version/ibm integration bus/9.0.0.4
version/ibm integration bus/9.0.0.5
version/ibm integration bus/9.0.0.6
version/ibm integration bus/9.0.0.7
version/ibm integration bus/9.0.0.8
version/ibm integration bus/9.0.0.9
version/ibm integration bus/10.0.0.0
version/ibm integration bus/10.0.0.1
version/ibm integration bus/10.0.0.2
version/ibm integration bus/10.0.0.3
version/ibm integration bus/10.0.0.4
version/ibm integration bus/10.0.0.5
version/ibm integration bus/10.0.0.6
version/ibm integration bus/10.0.0.7
version/ibm integration bus/10.0.0.8
version/ibm integration bus/10.0.0.9