Vulnerabilities > CVE-2016-8967 - Credentials Management vulnerability in IBM Bigfix Inventory and License Metric Tool

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
local
low complexity
ibm
CWE-255

Summary

IBM BigFix Inventory v9 9.2 stores user credentials in plain in clear text which can be read by a local user.

Vulnerable Configurations

Part Description Count
Application
Ibm
2
OS
Hp
1
OS
Ibm
1
OS
Linux
1
OS
Microsoft
1
OS
Oracle
1

Common Weakness Enumeration (CWE)