CVE-2017-1221

{"id": "CVE-2017-1221", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "[email protected]", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2017-11-13T23:29:00.197", "references": [{"url": "http://www.ibm.com/support/docview.wss?uid=swg22010177", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "[email protected]"}, {"url": "http://www.securityfocus.com/bid/101683", "tags": ["Third Party Advisory", "VDB Entry"], "source": "[email protected]"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123861", "tags": ["Issue Tracking", "VDB Entry", "Vendor Advisory"], "source": "[email protected]"}, {"url": "http://www.ibm.com/support/docview.wss?uid=swg22010177", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/101683", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123861", "tags": ["Issue Tracking", "VDB Entry", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-521"}]}], "descriptions": [{"lang": "en", "value": "IBM Tivoli Endpoint Manager (IBM BigFix 9.2 and 9.5) does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 123861."}, {"lang": "es", "value": "IBM Tivoli Endpoint Manager (IBM BigFix 9.2 y 9.5) no requiere que los usuarios tengan contrase\u00f1as fuertes por defecto, lo que facilita que los atacantes comprometan las cuentas de usuario. IBM X-Force ID: 123861."}], "lastModified": "2025-04-20T01:37:25.860", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:bigfix_platform:9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EDF3A293-36B6-41F3-87CE-EC2D89F212B1"}, {"criteria": "cpe:2.3:a:ibm:bigfix_platform:9.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9E59DD27-6637-4D89-867B-650AAD2F14B2"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}