{"cve":{"cve_id":"CVE-2017-1411","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.01484,"epss_percentile":0.70648,"epss_as_of":"2026-06-23","description":"IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 127399.","published_at":"2018-08-06T14:00:00Z","last_modified_at":null,"cvss_v3_score":5.9,"cvss_v3_vector":"CVSS:3.0/A:N/AC:H/AV:N/C:H/I:N/PR:N/S:U/UI:N/E:U/RC:C/RL:O","cvss_v3_severity":"MEDIUM","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":null,"ssvc_automatable":null,"ssvc_technical_impact":null,"cwes":null,"nvd_references":["https://exchange.xforce.ibmcloud.com/vulnerabilities/127399","http://www.ibm.com/support/docview.wss?uid=swg22016869"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-28T23:09:34.279440Z"},"effective_severity":"MEDIUM","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.0","metrics":[{"metric":"A","name":"Availability","value":"N","value_label":"None"},{"metric":"AC","name":"Attack Complexity","value":"H","value_label":"High"},{"metric":"AV","name":"Attack Vector","value":"N","value_label":"Network"},{"metric":"C","name":"Confidentiality","value":"H","value_label":"High"},{"metric":"I","name":"Integrity","value":"N","value_label":"None"},{"metric":"PR","name":"Privileges Required","value":"N","value_label":"None"},{"metric":"S","name":"Scope","value":"U","value_label":"Unchanged"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"E","name":"E","value":"U","value_label":"Unchanged"},{"metric":"RC","name":"RC","value":"C","value_label":"Changed"},{"metric":"RL","name":"RL","value":"O","value_label":"O"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"ibm","vendor_name":"ibm","product_slug":"security-identity-governance-and-intelligence","product_name":"Security Identity Governance and Intelligence","version_start":"5.2","version_start_inclusive":true,"version_end":"5.2","version_end_inclusive":true,"cpe23_uri":"cve5:ibm:security-identity-governance-and-intelligence:5.2:5.2"},{"vendor_slug":"ibm","vendor_name":"ibm","product_slug":"security-identity-governance-and-intelligence","product_name":"Security Identity Governance and Intelligence","version_start":"5.2.1","version_start_inclusive":true,"version_end":"5.2.1","version_end_inclusive":true,"cpe23_uri":"cve5:ibm:security-identity-governance-and-intelligence:5.2.1:5.2.1"},{"vendor_slug":"ibm","vendor_name":"ibm","product_slug":"security-identity-governance-and-intelligence","product_name":"Security Identity Governance and Intelligence","version_start":"5.2.2","version_start_inclusive":true,"version_end":"5.2.2","version_end_inclusive":true,"cpe23_uri":"cve5:ibm:security-identity-governance-and-intelligence:5.2.2:5.2.2"},{"vendor_slug":"ibm","vendor_name":"ibm","product_slug":"security-identity-governance-and-intelligence","product_name":"Security Identity Governance and Intelligence","version_start":"5.2.2.1","version_start_inclusive":true,"version_end":"5.2.2.1","version_end_inclusive":true,"cpe23_uri":"cve5:ibm:security-identity-governance-and-intelligence:5.2.2.1:5.2.2.1"},{"vendor_slug":"ibm","vendor_name":"ibm","product_slug":"security-identity-governance-and-intelligence","product_name":"Security Identity Governance and Intelligence","version_start":"5.2.3","version_start_inclusive":true,"version_end":"5.2.3","version_end_inclusive":true,"cpe23_uri":"cve5:ibm:security-identity-governance-and-intelligence:5.2.3:5.2.3"},{"vendor_slug":"ibm","vendor_name":"ibm","product_slug":"security-identity-governance-and-intelligence","product_name":"Security Identity Governance and Intelligence","version_start":"5.2.3.1","version_start_inclusive":true,"version_end":"5.2.3.1","version_end_inclusive":true,"cpe23_uri":"cve5:ibm:security-identity-governance-and-intelligence:5.2.3.1:5.2.3.1"},{"vendor_slug":"ibm","vendor_name":"ibm","product_slug":"security-identity-governance-and-intelligence","product_name":"Security Identity Governance and Intelligence","version_start":"5.2.3.2","version_start_inclusive":true,"version_end":"5.2.3.2","version_end_inclusive":true,"cpe23_uri":"cve5:ibm:security-identity-governance-and-intelligence:5.2.3.2:5.2.3.2"}],"exploit_refs":[],"news":[],"references":[{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/127399","source_type":"MISC","tags":[]},{"url":"http://www.ibm.com/support/docview.wss?uid=swg22016869","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2018-08-06T14:00:00Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T16:56:16.417601Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T16:56:16.417601Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T16:56:16.417601Z","label":"CVSS score revised","source":"cvelistv5"}]}