Lucene search

[email protected]NVD:CVE-2016-3052

HistoryFeb 22, 2017 - 7:59 p.m.

CVE-2016-3052

2017-02-2219:59:00

CWE-200

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

6.6

Confidence

High

EPSS

0.001

Percentile

46.3%

JSON

Under non-standard configurations, IBM WebSphere MQ might send password data in clear text over the network. This data could be intercepted using man in the middle techniques.

Affected configurations

Nvd

Node

ibmwebsphere_mqRange≤8.0.0.5

VendorProductVersionCPE
ibmwebsphere_mq*cpe:2.3:a:ibm:websphere_mq:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	websphere_mq	*	cpe:2.3:a:ibm:websphere_mq::::::::

References

www.ibm.com/support/docview.wss?uid=swg21998660

www.securityfocus.com/bid/96400

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

6.6

Confidence

High

EPSS

0.001

Percentile

46.3%

JSON

Related for NVD:CVE-2016-3052

cvelist1 cve1 prion1 ibm1 openvas1 nessus1