IBM6622E8882A05EB9B9AA4D773925E45B3AA709B442AE116F34E20A9E586F9441CSecurity Bulletin: Information Disclosure Vulnerability in Tivoli Business Service Manager (CVE-2016-0286)
0.002 Low
EPSS
Percentile
58.9%
Summary
Information about an information disclosure security vulnerability affecting Tivoli Business Service Manager (TBSM) is published in this security bulletin. Manipulation of communication between the TBSM Dashboard server and the TBSM Data Server could result in information disclosure.
Vulnerability Details
CVEID: CVE-2016-0286
DESCRIPTION: IBM Tivoli Business Service Manager could allow an authenticated user with special privileges to view the administrator password in clear text.
CVSS Base Score: 6.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/111234> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
Affected Products and Versions
Tivoli Business Service Manager 6.1.0
Tivoli Business Service Manager 6.1.1
Remediation/Fixes
Principal Product and Version(s)
| Available Fix
—|—
Tivoli Business Service Manager 6.1.0| 6.1.0-TIV-BSM-FP0004
<http://www-01.ibm.com/support/docview.wss?uid=swg24042501>
Tivoli Business Service Manager 6.1.1| 6.1.1-TIV-BSM-FP0004
<http://www-01.ibm.com/support/docview.wss?uid=swg24041505>
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| tivoli business service manager | eq | 6.1 | |
| tivoli business service manager | eq | 6.1.1 |
Related
0.002 Low
EPSS
Percentile
58.9%