CVE-2016-3022

IBM Security Access Manager for Web could allow an authenticated user to gain access to highly sensitive information due to incorrect file permissions.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
ibmsecurity_access_manager_9.0_firmware
9.0.0
ibmsecurity_access_manager_9.0_firmware
9.0.0.1
ibmsecurity_access_manager_9.0_firmware
9.0.1.0
ibmsecurity_access_manager_for_mobile_8.0_firmware
8.0.0.1
ibmsecurity_access_manager_for_mobile_8.0_firmware
8.0.0.2
ibmsecurity_access_manager_for_mobile_8.0_firmware
8.0.0.3
ibmsecurity_access_manager_for_mobile_8.0_firmware
8.0.0.5
ibmsecurity_access_manager_for_mobile_8.0_firmware
8.0.1.0
ibmsecurity_access_manager_for_mobile_8.0_firmware
8.0.1.2
ibmsecurity_access_manager_for_mobile_8.0_firmware
8.0.1.3
ibmsecurity_access_manager_for_mobile_8.0_firmware
8.0.1.4
ibmsecurity_access_manager_for_web_7.0_firmware
7.0.0.1
ibmsecurity_access_manager_for_web_7.0_firmware
7.0.0.2
ibmsecurity_access_manager_for_web_7.0_firmware
7.0.0.3
ibmsecurity_access_manager_for_web_7.0_firmware
7.0.0.4
ibmsecurity_access_manager_for_web_7.0_firmware
7.0.0.5
ibmsecurity_access_manager_for_web_7.0_firmware
7.0.0.6
ibmsecurity_access_manager_for_web_7.0_firmware
7.0.0.7
ibmsecurity_access_manager_for_web_7.0_firmware
7.0.0.8
ibmsecurity_access_manager_for_web_7.0_firmware
7.0.0.9
ibmsecurity_access_manager_for_web_7.0_firmware
7.0.0.10
ibmsecurity_access_manager_for_web_7.0_firmware
7.0.0.11
ibmsecurity_access_manager_for_web_7.0_firmware
7.0.0.12
ibmsecurity_access_manager_for_web_7.0_firmware
7.0.0.13
ibmsecurity_access_manager_for_web_7.0_firmware
7.0.0.14
ibmsecurity_access_manager_for_web_7.0_firmware
7.0.0.15
ibmsecurity_access_manager_for_web_7.0_firmware
7.0.0.16
ibmsecurity_access_manager_for_web_8.0_firmware
8.0.0.1
ibmsecurity_access_manager_for_web_8.0_firmware
8.0.0.2
ibmsecurity_access_manager_for_web_8.0_firmware
8.0.0.3
ibmsecurity_access_manager_for_web_8.0_firmware
8.0.0.5
ibmsecurity_access_manager_for_web_8.0_firmware
8.0.1.0
ibmsecurity_access_manager_for_web_8.0_firmware
8.0.1.2
ibmsecurity_access_manager_for_web_8.0_firmware
8.0.1.3
ibmsecurity_access_manager_for_web_8.0_firmware
8.0.1.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.ibm.com/support/docview.wss?uid=swg21995360
http://www.securityfocus.com/bid/96130
http://www.ibm.com/support/docview.wss?uid=swg21995360
http://www.securityfocus.com/bid/96130