CVE-2016-3022

EUVD-2016-4095
IBM Security Access Manager for Web could allow an authenticated user to gain access to highly sensitive information due to incorrect file permissions.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 40%
Affected Products (NVD)
VendorProductVersion
ibmsecurity_access_manager_9.0_firmware
9.0.0
ibmsecurity_access_manager_9.0_firmware
9.0.0.1
ibmsecurity_access_manager_9.0_firmware
9.0.1.0
ibmsecurity_access_manager_for_mobile_8.0_firmware
8.0.0.1
ibmsecurity_access_manager_for_mobile_8.0_firmware
8.0.0.2
ibmsecurity_access_manager_for_mobile_8.0_firmware
8.0.0.3
ibmsecurity_access_manager_for_mobile_8.0_firmware
8.0.0.5
ibmsecurity_access_manager_for_mobile_8.0_firmware
8.0.1.0
ibmsecurity_access_manager_for_mobile_8.0_firmware
8.0.1.2
ibmsecurity_access_manager_for_mobile_8.0_firmware
8.0.1.3
ibmsecurity_access_manager_for_mobile_8.0_firmware
8.0.1.4
ibmsecurity_access_manager_for_web_7.0_firmware
7.0.0.1
ibmsecurity_access_manager_for_web_7.0_firmware
7.0.0.2
ibmsecurity_access_manager_for_web_7.0_firmware
7.0.0.3
ibmsecurity_access_manager_for_web_7.0_firmware
7.0.0.4
ibmsecurity_access_manager_for_web_7.0_firmware
7.0.0.5
ibmsecurity_access_manager_for_web_7.0_firmware
7.0.0.6
ibmsecurity_access_manager_for_web_7.0_firmware
7.0.0.7
ibmsecurity_access_manager_for_web_7.0_firmware
7.0.0.8
ibmsecurity_access_manager_for_web_7.0_firmware
7.0.0.9
ibmsecurity_access_manager_for_web_7.0_firmware
7.0.0.10
ibmsecurity_access_manager_for_web_7.0_firmware
7.0.0.11
ibmsecurity_access_manager_for_web_7.0_firmware
7.0.0.12
ibmsecurity_access_manager_for_web_7.0_firmware
7.0.0.13
ibmsecurity_access_manager_for_web_7.0_firmware
7.0.0.14
ibmsecurity_access_manager_for_web_7.0_firmware
7.0.0.15
ibmsecurity_access_manager_for_web_7.0_firmware
7.0.0.16
ibmsecurity_access_manager_for_web_8.0_firmware
8.0.0.1
ibmsecurity_access_manager_for_web_8.0_firmware
8.0.0.2
ibmsecurity_access_manager_for_web_8.0_firmware
8.0.0.3
ibmsecurity_access_manager_for_web_8.0_firmware
8.0.0.5
ibmsecurity_access_manager_for_web_8.0_firmware
8.0.1.0
ibmsecurity_access_manager_for_web_8.0_firmware
8.0.1.2
ibmsecurity_access_manager_for_web_8.0_firmware
8.0.1.3
ibmsecurity_access_manager_for_web_8.0_firmware
8.0.1.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.ibm.com/support/docview.wss?uid=swg21995360
http://www.securityfocus.com/bid/96130
http://www.ibm.com/support/docview.wss?uid=swg21995360
http://www.securityfocus.com/bid/96130