CVE-2018-1366
Low
Low
Medium
High
Critical
CVSS Score
Vulnerability Description
IBM Content Navigator 2.0 and 3.0 is vulnerable to Comma Separated Value (CSV) Injection. An attacker could exploit this vulnerability to exploit other vulnerabilities in spreadsheet software. IBM X-Force ID: 137452.
Known Affected Software
6 configuration(s) from 1 vendor(s)
content_navigator
Version:
3.0.3
CPE:
cpe:2.3:a:ibm:content_navigator:3.0.3:*:*:*:*:*:*:*
content_navigator
Version:
2.0.2.7
CPE:
cpe:2.3:a:ibm:content_navigator:2.0.2.7:*:*:*:*:*:*:*
content_navigator
Version:
3.0.0
CPE:
cpe:2.3:a:ibm:content_navigator:3.0.0:*:*:*:continuous_delivery:*:*:*
content_navigator
Version:
3.0.2
CPE:
cpe:2.3:a:ibm:content_navigator:3.0.2:*:*:*:*:*:*:*
content_navigator
Version:
2.0.2.8
CPE:
cpe:2.3:a:ibm:content_navigator:2.0.2.8:*:*:*:*:*:*:*
content_navigator
Version:
3.0.1
CPE:
cpe:2.3:a:ibm:content_navigator:3.0.1:*:*:*:*:*:*:*
This vulnerability affects 6 software configuration(s). Ensure you patch all affected systems.
References & Resources
-
http://www.ibm.com/support/docview.wss?uid=swg22012674psirt@us.ibm.com Patch Vendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/137452psirt@us.ibm.com VDB Entry Vendor Advisory
-
http://www.ibm.com/support/docview.wss?uid=swg22012674af854a3a-2127-422b-91ae-364da2661108 Patch Vendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/137452af854a3a-2127-422b-91ae-364da2661108 VDB Entry Vendor Advisory
Severity Details
out of 10.0
Low
Key Information
- Published Date
- February 07, 2018
