What is CVE-2017-3892?

CVE-2017-3892 is a low-severity vulnerability in Blackberry Qnx_software_development_platform, classified under Information Disclosure. CVSS score: 3.8/10. Published 2017-11-14.

How severe is CVE-2017-3892?

Low severity. CVSS v3 base score is 3.8 out of 10.

Information disclosure in Blackberry Qnx_software_development_platform

CVE-2017-3892

In BlackBerry QNX Software Development Platform (SDP) 6.6.0, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout that could be used in a…

Vulnerability class: Information Disclosure

EPSS: 0.002 (41.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 3.8 (Low). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N.

Affected products

Blackberry Qnx_software_development_platform — versions 6.6.0
Blackberry Qnx Software Development Platform (Sdp) — versions 6.6.0

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

secure@blackberry.com (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2017-3892?: CVE-2017-3892 is a low-severity vulnerability in Blackberry Qnx_software_development_platform, classified under Information Disclosure. CVSS score: 3.8/10. Published 2017-11-14.
How severe is CVE-2017-3892?: Low severity. CVSS v3 base score is 3.8 out of 10.