SymmetricalDataSecurity: IBM Security Bulletin: Log injection is possible in Daeja ViewONE Professional, Standard & Virtual

Friday, October 27, 2017

IBM Security Bulletin: Log injection is possible in Daeja ViewONE Professional, Standard & Virtual

A specially crafted request or annotation in ViewONE could inject a realistic looking log line.

CVE(s): CVE-2017-1210

Affected product(s) and affected version(s):

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2zTVOck
X-Force Database: http://ift.tt/2xsNw9P

The post IBM Security Bulletin: Log injection is possible in Daeja ViewONE Professional, Standard & Virtual appeared first on IBM PSIRT Blog.

Product Name	Affected Versions
Daeja ViewONE Virtual	5.0.0
Daeja ViewONE Professional, Standard & Virtual	4.1.5

from IBM Product Security Incident Response Team http://ift.tt/2zRuBHj

SymmetricalDataSecurity

Friday, October 27, 2017

IBM Security Bulletin: Log injection is possible in Daeja ViewONE Professional, Standard & Virtual

No comments:

Post a Comment

Blog Archive

Search This Blog

Total Pageviews