Vulnerabilities > CVE-2016-8962 - Credentials Management vulnerability in IBM Bigfix Inventory 9.0/9.2

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
ibm
CWE-255
NVD
Published: 2017-04-26
Updated: 2017-07-11

Summary

IBM BigFix Inventory 9.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 118851.

Vulnerable Configurations

Part Description Count
Application
Ibm
2

Common Weakness Enumeration (CWE)

References