Vulnerability Details : CVE-2017-20014
A vulnerability, which was classified as problematic, has been found in WEKA INTEREST Security Scanner up to 1.8. Affected by this issue is some unknown functionality of the component Webspider. The manipulation with an unknown input leads to denial of service. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Vulnerability category: Denial of service
Products affected by CVE-2017-20014
- cpe:2.3:a:weka:interest_security_scanner:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-20014
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 11 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-20014
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
2.1
|
LOW | AV:L/AC:L/Au:N/C:N/I:N/A:P |
3.9
|
2.9
|
NIST | |
2.8
|
LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L |
1.3
|
1.4
|
VulDB | |
5.5
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
1.8
|
3.6
|
NIST |
CWE ids for CVE-2017-20014
-
The product does not release or incorrectly releases a resource before it is made available for re-use.Assigned by:
- cna@vuldb.com (Secondary)
- nvd@nist.gov (Primary)
References for CVE-2017-20014
-
http://www.computec.ch/news.php?item.117
computec.ch • 1997 - 2018Third Party Advisory
-
https://vuldb.com/?id.101969
CVE-2017-20011 | WEKA INTEREST Security Scanner HTTP denial of service (ID 101969)Third Party Advisory;VDB Entry
-
https://vuldb.com/?id.101972
Login requiredThird Party Advisory;VDB Entry
Jump to