Vulnerabilities > CVE-2016-8962 - Credentials Management vulnerability in IBM Bigfix Inventory 9.0/9.2

047910
CVSS 5.9 - MEDIUM
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
high complexity
ibm
CWE-255
NVD
Published: 2017-04-26
Updated: 2024-11-21

Summary

IBM BigFix Inventory 9.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 118851.

Vulnerable Configurations

Part Description Count
Application
Ibm
2

Common Weakness Enumeration (CWE)

References