Content Collector for Email has addressed following vulnerability: WebSphere Application Server could allow a remote attacker to obtain sensitive information because of improper error handling by MyFaces.
CVEID:CVE-2017-1583**
DESCRIPTION: *IBM WebSphere Application Server could allow a remote attacker to obtain sensitive information caused by improper error handling by MyFaces in JSF.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/132342 for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Content Collector for Email 3.0.0
Content Collector for Email 4.0.0
Content Collector for Email 4.0.1
Product
| VRM|Remediation
—|—|—
Content Collector for Email | 3.0.0| Use Content Collector for Email 4.0.1.8 Interim Fix 001
Content Collector for Email | 4.0.0| Use Content Collector for Email 4.0.1.8 Interim Fix 001
Content Collector for Email | 4.0.1| Use Content Collector for Email 4.0.1.8 Interim Fix 001
Follow steps in the Readme file in 4.0.1.8 Interim Fix 001 to install the fix applicable to your version.
CPE | Name | Operator | Version |
---|---|---|---|
content collector | eq | 4.0.1 | |
content collector | eq | 4.0 | |
content collector | eq | 3.0 |