CVE-2016-2943
low
CVSS v3
1.9
CVSS v2
1.9
VIR risk
1.9
Description
IBM BigFix Remote Control before 9.1.3 allows local users to obtain sensitive information by leveraging unspecified privileges to read a log file.
Predictions
Exploit likelihood
22%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: psirt@us.ibm.com — http://www-01.ibm.com/support/docview.wss?uid=swg21991960
Vendor advisory: psirt@us.ibm.com — http://www-01.ibm.com/support/docview.wss?uid=swg1IV89736
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| ibm | bigfix_remote_control | {"endIncluding":"9.1.2"} | |
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV89736
- http://www-01.ibm.com/support/docview.wss?uid=swg21991960
- http://www.securityfocus.com/bid/94617
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV89736
- http://www-01.ibm.com/support/docview.wss?uid=swg21991960
- http://www.securityfocus.com/bid/94617
CWEs
CWE-532
Verify integrity in audit chain (admin only). AS-IS.