Bigfix Inventory@* Security Vulnerabilities and Issues — Bigfix Inventory@* CVE List

Lucene search

IbmBigfix Inventory*

4 matches found

CVE•added 2017/02/01 8:59 p.m.•39 views

CVE-2016-8961

IBM BigFix Inventory v9 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site th...

6.1CVSS5.9AI score0.00165EPSS

CVE•added 2017/02/01 10:59 p.m.•36 views

CVE-2016-8963

IBM BigFix Inventory v9 stores potentially sensitive information in log files that could be read by a local user.

5.5CVSS5.1AI score0.00053EPSS

CVE•added 2017/07/13 3:29 p.m.•35 views

CVE-2016-8964

IBM BigFix Inventory v9 9.2 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 118853.

9.8CVSS8.7AI score0.02438EPSS

CVE•added 2017/04/26 5:59 p.m.•29 views

CVE-2016-8962

IBM BigFix Inventory 9.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 118851.

5.9CVSS5.5AI score0.00296EPSS