Vulnerability Description
A vulnerability classified as problematic was found in Teleopti WFM up to 7.1.0. Affected by this vulnerability is an unknown functionality of the file /TeleoptiWFM/Administration/GetOneTenant of the component Administration. The manipulation leads to information disclosure (Credentials). The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Calabrio | Teleopti Workforce Management | >= 6.9, <= 7.1.0 |
Related Weaknesses (CWE)
References
- http://seclists.org/fulldisclosure/2017/Feb/13ExploitMailing ListThird Party Advisory
- https://vuldb.com/?id.96805Third Party Advisory
- http://seclists.org/fulldisclosure/2017/Feb/13ExploitMailing ListThird Party Advisory
- https://vuldb.com/?id.96805Third Party Advisory
FAQ
What is CVE-2017-20109?
CVE-2017-20109 is a vulnerability with a CVSS score of 4.3 (MEDIUM). A vulnerability classified as problematic was found in Teleopti WFM up to 7.1.0. Affected by this vulnerability is an unknown functionality of the file /TeleoptiWFM/Administration/GetOneTenant of the ...
How severe is CVE-2017-20109?
CVE-2017-20109 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-20109?
Check the references section above for vendor advisories and patch information. Affected products include: Calabrio Teleopti Workforce Management.