How severe is CVE-2017-1476?

Medium severity. CVSS v3 base score is 5.9 out of 10.

Vulnerability in Ibm Security Access Manager

CVE-2017-1476

IBM Security Access Manager Appliance 7.0.0, 8.0.0 through 8.0.1.6, and 9.0.0 through 9.0.3.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attack…

EPSS: 0.002 (47.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.9 (Medium). Vector: CVSS:3.0/A:N/AC:H/AV:N/C:H/I:N/PR:N/S:U/UI:N/E:U/RC:C/RL:O.

Affected products

Ibm Security Access Manager — versions 8.0.1.2, 8.0.1.6, 8.0.0.4

References

www.ibm.com/support/docview.wss (x_refsource_CONFIRM)
ibm-sam-cve20171476-info-disc(128610) (vdb-entry, x_refsource_XF)
104501 (vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2017-1476?: CVE-2017-1476 is a medium-severity vulnerability in Ibm Security Access Manager. CVSS score: 5.9/10. Published 2018-06-06.
How severe is CVE-2017-1476?: Medium severity. CVSS v3 base score is 5.9 out of 10.