Lucene search

K
cve[email protected]CVE-2016-8926
HistoryApr 14, 2017 - 4:59 p.m.

CVE-2016-8926

2017-04-1416:59:00
CWE-200
web.nvd.nist.gov
14
ibm
tivoli
application
dependency
discovery
manager
remote attacker
system files
data
security vulnerability

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

4.8 Medium

AI Score

Confidence

High

4 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

32.2%

IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could allow a remote attacker to read system files or data that is restricted to authorized users. IBM X-Force ID: 118539.

Affected configurations

Vulners
NVD
Node
ibm_corporationtivoli_application_dependency_discovery_managerMatch7.2
OR
ibm_corporationtivoli_application_dependency_discovery_managerMatch7.2.1
OR
ibm_corporationtivoli_application_dependency_discovery_managerMatch7.2.2
OR
ibm_corporationtivoli_application_dependency_discovery_managerMatch7.1.2
OR
ibm_corporationtivoli_application_dependency_discovery_managerMatch7.3
OR
ibm_corporationtivoli_application_dependency_discovery_managerMatch7.2.0

CNA Affected

[
  {
    "product": "Tivoli Application Dependency Discovery Manager",
    "vendor": "IBM Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "7.2"
      },
      {
        "status": "affected",
        "version": "7.2.1"
      },
      {
        "status": "affected",
        "version": "7.2.2"
      },
      {
        "status": "affected",
        "version": "7.1.2"
      },
      {
        "status": "affected",
        "version": "7.3"
      },
      {
        "status": "affected",
        "version": "7.2.0"
      }
    ]
  }
]

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

4.8 Medium

AI Score

Confidence

High

4 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

32.2%

Related for CVE-2016-8926