Vulnerabilities > CVE-2016-0330 - Credentials Management vulnerability in IBM Security Identity Manager Adapter

CVSS 7.3 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

LOW

network

low complexity

ibm

CWE-255

NVD

Published: 2016-07-15

Updated: 2017-09-01

Summary

IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 mishandles password creation, which makes it easier for remote attackers to obtain access by leveraging an attack against the password algorithm.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Security Identity Manager Adapter 7.0.1.0 IBM Security Identity Manager Adapter 7.0.0.1 IBM Security Identity Manager Adapter 7.0.0.2 IBM Security Identity Manager Adapter 7.0.0.0 IBM Security Identity Manager Adapter 7.0.0.3 IBM Security Identity Manager Adapter 7.0.1.1	6

Common Weakness Enumeration (CWE)

CWE-255 - Credentials Management

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References