IBM Content Navigator has addressed the following vulnerability.
CVEID:CVE-2018-1366**
DESCRIPTION: *IBM Content Navigator is vulnerable to Comma Separated Value (CSV) Injection. An attacker could exploit this vulnerability to exploit other vulnerabilities in spreadsheet software.
CVSS Base Score: 4.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/137452 for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L)
Affected IBM Content Navigator
|
Affected Versions
—|—
IBM Content Navigator| 2.0.3.7 - 2.0.3.8
IBM Content Navigator| 3.0.0 - 3.0.3
Product
|
VRMF
|
Remediation / First Fix
—|—|—
IBM Content Navigator| 2.0.3.7 - 2.0.3.8| Contact customer support center for the fix and instructions.
IBM Content Navigator| 3.0.0 - 3.0.3| Contact customer support center for the fix and instructions.
None