Vulnerability Description
IBM Integration Bus 9.0 and 10.0 transmits user credentials in plain in clear text which can be read by an attacker using man in the middle techniques. IBM X-Force ID: 134165.
CVSS Score
8.1
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Integration Bus | 9.0.0.0 |
Related Weaknesses (CWE)
References
- http://www.ibm.com/support/docview.wss?uid=swg22011695Vendor Advisory
- http://www.securityfocus.com/bid/102215Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/134165VDB EntryVendor Advisory
- http://www.ibm.com/support/docview.wss?uid=swg22011695Vendor Advisory
- http://www.securityfocus.com/bid/102215Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/134165VDB EntryVendor Advisory
FAQ
What is CVE-2017-1694?
CVE-2017-1694 is a vulnerability with a CVSS score of 8.1 (HIGH). IBM Integration Bus 9.0 and 10.0 transmits user credentials in plain in clear text which can be read by an attacker using man in the middle techniques. IBM X-Force ID: 134165.
How severe is CVE-2017-1694?
CVE-2017-1694 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-1694?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Integration Bus.