{"containers":{"cna":{"affected":[{"product":"WFM","vendor":"Teleopti","versions":[{"status":"affected","version":"7.0"},{"status":"affected","version":"7.1"}]}],"credits":[{"lang":"en","value":"Graph-X"}],"descriptions":[{"lang":"en","value":"A vulnerability classified as problematic was found in Teleopti WFM up to 7.1.0. Affected by this vulnerability is an unknown functionality of the file /TeleoptiWFM/Administration/GetOneTenant of the component Administration. The manipulation leads to information disclosure (Credentials). The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":4.3,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","version":"3.1"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-200","description":"CWE-200 Information Disclosure","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2022-06-29T06:55:26.000Z","orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB"},"references":[{"tags":["x_refsource_MISC"],"url":"http://seclists.org/fulldisclosure/2017/Feb/13"},{"tags":["x_refsource_MISC"],"url":"https://vuldb.com/?id.96805"}],"title":"Teleopti WFM Administration GetOneTenant Credentials information disclosure","x_generator":"vuldb.com","x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cna@vuldb.com","ID":"CVE-2017-20109","REQUESTER":"cna@vuldb.com","STATE":"PUBLIC","TITLE":"Teleopti WFM Administration GetOneTenant Credentials information disclosure"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"WFM","version":{"version_data":[{"version_value":"7.0"},{"version_value":"7.1"}]}}]},"vendor_name":"Teleopti"}]}},"credit":"Graph-X","data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"A vulnerability classified as problematic was found in Teleopti WFM up to 7.1.0. Affected by this vulnerability is an unknown functionality of the file /TeleoptiWFM/Administration/GetOneTenant of the component Administration. The manipulation leads to information disclosure (Credentials). The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue."}]},"generator":"vuldb.com","impact":{"cvss":{"baseScore":"4.3","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-200 Information Disclosure"}]}]},"references":{"reference_data":[{"name":"http://seclists.org/fulldisclosure/2017/Feb/13","refsource":"MISC","url":"http://seclists.org/fulldisclosure/2017/Feb/13"},{"name":"https://vuldb.com/?id.96805","refsource":"MISC","url":"https://vuldb.com/?id.96805"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-05T21:45:26.032Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"http://seclists.org/fulldisclosure/2017/Feb/13"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://vuldb.com/?id.96805"}]},{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-04-14T17:07:11.706730Z","id":"CVE-2017-20109","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-04-15T14:10:43.982Z"}}]},"cveMetadata":{"assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","assignerShortName":"VulDB","cveId":"CVE-2017-20109","datePublished":"2022-06-29T06:55:26.000Z","dateReserved":"2022-06-27T00:00:00.000Z","dateUpdated":"2025-04-15T14:10:43.982Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}