Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBMCC3E66DE002526817DB1EA3478AAD281461401FF26FE54A7665592396B2D0136
HistorySep 22, 2022 - 3:02 a.m.

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2016-0377)

2022-09-2203:02:31
www.ibm.com
8
ibm websphere
security bulletin
information disclosure
cve-2016-0377
asset management
smartcloud control desk
tririga energy optimization

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

EPSS

0.001

Percentile

44.8%

JSON

Summary

IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions (including Maximo for Aviation, Maximo for Energy Optimization, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities), Maximo Adapter for Primavera, SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Change and Configuration Management Database, and TRIRIGA Energy Optimization. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.

Vulnerability Details

Please consult the security bulletin Security Bulletin: Information Disclosure in IBM WebSphere Application Server (CVE-2016-0377) for vulnerability details and information about fixes.

Affected Products and Versions

Principal Product and Version(s)

| Affected Supporting Product and Version
—|—
Maximo Asset Management 7.6
SmartCloud Control Desk 7.6
Maximo for Aviation 7.6
Maximo for Life Sciences 7.6
Maximo for Transportation 7.6| IBM WebSphere Application Server 8.5.5 Full Profile
IBM WebSphere Application Server 8.5 Full Profile
Maximo Asset Management 7.5
Maximo Asset Management Essentials 7.5
Maximo for Government 7.5
Maximo for Nuclear Power 7.5
Maximo for Transportation 7.5
Maximo for Life Sciences 7.5
Maximo for Oil and Gas 7.5
Maximo for Utilities 7.5
Maximo Adapter for Primavera 7.5
SmartCloud Control Desk 7.5
TRIRIGA Energy Optimization 1.1| IBM WebSphere Application Server 8.5.5 Full Profile
IBM WebSphere Application Server 8.5 Full Profile
IBM WebSphere Application Server 8.0
IBM WebSphere Application Server 7.0
Maximo Asset Management 7.1
Maximo Asset Management Essentials 7.1
Maximo Asset Management for Energy Optimization 7.1
Maximo for Government 7.1
Maximo for Nuclear Power 7.1
Maximo for Transportation 7.1
Maximo for Life Sciences 7.1
Maximo for Oil and Gas 7.1
Maximo for Utilities 7.1
Maximo Adapter for Primavera 7.1| IBM WebSphere Application Server 7.0
Tivoli Asset Management for IT 7.2
Tivoli Service Request Manager 7.2
Change and Configuration Management Database 7.2| IBM WebSphere Application Server 8.5.5 Full Profile
IBM WebSphere Application Server 7.0

Affected configurations

Vulners
Node
ibmmaximo_asset_managementMatch7.1
OR
ibmmaximo_asset_managementMatch7.5
OR
ibmmaximo_asset_managementMatch7.6
OR
ibmcontrol_deskMatch7.5
OR
ibmcontrol_deskMatch7.5.1
OR
ibmcontrol_deskMatch7.5.1.1
OR
ibmcontrol_deskMatch7.5.1.2
OR
ibmcontrol_deskMatch7.5.3
OR
ibmcontrol_deskMatch7.6.0
OR
ibmmaximo_for_energy_optimizationMatchany
OR
ibmmaximo_asset_management_essentialsMatch7.5
OR
ibmmaximo_asset_management_essentialsMatch7.1.1
OR
ibmmaximo_for_energy_optimizationMatch7.1
OR
ibmmaximo_for_energy_optimizationMatch7.1.1
OR
ibmmaximo_for_governmentMatch7.1
OR
ibmmaximo_for_governmentMatch7.1.1
OR
ibmmaximo_for_governmentMatch7.5
OR
ibmmaximo_for_life_sciencesMatch7.1.2
OR
ibmmaximo_for_life_sciencesMatch7.5
OR
ibmmaximo_for_life_sciencesMatch7.1.0
OR
ibmmaximo_for_life_sciencesMatch7.6
OR
ibmmaximo_for_nuclear_powerMatch7.1
OR
ibmmaximo_for_nuclear_powerMatch7.5
OR
ibmmaximo_for_nuclear_powerMatch7.5.1
OR
ibmmaximo_for_nuclear_powerMatch7.1.1
OR
ibmmaximo_for_oil_and_gasMatch7.1.2
OR
ibmmaximo_for_oil_and_gasMatch7.5
OR
ibmmaximo_for_oil_and_gasMatch7.5.1
OR
ibmmaximo_for_oil_and_gasMatch7.1.0
OR
ibmmaximo_for_transportationMatch7.1.0
OR
ibmmaximo_for_transportationMatch7.1.1
OR
ibmmaximo_for_transportationMatch7.5
OR
ibmmaximo_for_transportationMatch7.5.1
OR
ibmmaximo_for_transportationMatch7.6.1
OR
ibmmaximo_for_utilitiesMatch7.1.1
OR
ibmmaximo_for_utilitiesMatch7.1.2
OR
ibmmaximo_for_utilitiesMatch7.5
OR
ibmmaximo_for_utilitiesMatch7.1.0
OR
ibmmaximo_asset_managementMatch7.2
OR
ibmmaximo_asset_managementMatch7.2.1
OR
ibmmaximo_asset_managementMatch7.2.2
OR
ibmtivoli_change_and_configuration_management_databaseMatch7.2
OR
ibmtivoli_change_and_configuration_management_databaseMatch7.2.1
OR
ibmtivoli_service_request_managerMatch7.2
OR
ibmtivoli_service_request_managerMatch7.2.1
OR
ibmmaximo_for_aviationMatch7.6
OR
ibmmaximo_for_aviationMatch7.6.1
OR
ibmmaximo_for_aviationMatch7.6.2
OR
ibmmaximo_for_aviationMatch7.6.2.1
OR
ibmmaximo_for_aviationMatch7.6.3
VendorProductVersionCPE
ibmmaximo_asset_management7.1cpe:2.3:a:ibm:maximo_asset_management:7.1:*:*:*:*:*:*:*
ibmmaximo_asset_management7.5cpe:2.3:a:ibm:maximo_asset_management:7.5:*:*:*:*:*:*:*
ibmmaximo_asset_management7.6cpe:2.3:a:ibm:maximo_asset_management:7.6:*:*:*:*:*:*:*
ibmcontrol_desk7.5cpe:2.3:a:ibm:control_desk:7.5:*:*:*:*:*:*:*
ibmcontrol_desk7.5.1cpe:2.3:a:ibm:control_desk:7.5.1:*:*:*:*:*:*:*
ibmcontrol_desk7.5.1.1cpe:2.3:a:ibm:control_desk:7.5.1.1:*:*:*:*:*:*:*
ibmcontrol_desk7.5.1.2cpe:2.3:a:ibm:control_desk:7.5.1.2:*:*:*:*:*:*:*
ibmcontrol_desk7.5.3cpe:2.3:a:ibm:control_desk:7.5.3:*:*:*:*:*:*:*
ibmcontrol_desk7.6.0cpe:2.3:a:ibm:control_desk:7.6.0:*:*:*:*:*:*:*
ibmmaximo_for_energy_optimizationanycpe:2.3:a:ibm:maximo_for_energy_optimization:any:*:*:*:*:*:*:*
Rows per page:
1-10 of 501

Related

ibm 38
nvd 1
cve 1
cvelist 1
prion 1
nessus 2
ibm
ibm
Security Bulletin: A security vulnerability has been identified in embedded IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2016-0377)
2018-06-17 15:28:01
Security Bulletin: Vulnerability in WebSphere Application Server affects multiple IBM Rational products based on IBM Jazz technology (CVE-2016-0377)
2021-04-28 18:35:50
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli Federated Identity Manager and IBM Tivoli Federated Identity Manager Business Gateway (CVE-2016-0377)
2018-06-16 21:46:00
nvd
nvd
CVE-2016-0377
2016-10-22 03:59:11
cve
cve
CVE-2016-0377
2016-10-22 03:59:11
cvelist
cvelist
CVE-2016-0377
2016-10-22 01:00:00
prion
prion
Information disclosure
2016-10-22 03:59:00
nessus
nessus
IBM WebSphere Application Server 7.0 < 7.0.0.43 / 8.0 < 8.0.0.13 / 8.5 < 8.5.5.10 Information Disclosure
2016-12-29 00:00:00
IBM WebSphere Application Server 7.0 < 7.0.0.41 Multiple Vulnerabilities
2016-10-26 00:00:00

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

EPSS

0.001

Percentile

44.8%

JSON
Related for CC3E66DE002526817DB1EA3478AAD281461401FF26FE54A7665592396B2D0136
ibm38nvd1cve1cvelist1prion1nessus2