Back to CVE Browser

CVE-2016-5964

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.1330%

EPSS Percentile33.69th

PublishedFeb 1, 2017

Last ModifiedMay 13, 2026

Vulnerability Description

IBM Security Privileged Identity Manager Virtual Appliance version 2.0.2 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials.

Affected Platforms (CPE)

📦

Ibm

Security Privileged Identity Manager

= 2.0.2

References & Advisories

🔗 http://www.ibm.com/support/docview.wss?uid=swg21994065

🔗 http://www.securityfocus.com/bid/94308

🔗 http://www.ibm.com/support/docview.wss?uid=swg21994065

🔗 http://www.securityfocus.com/bid/94308

Related Vulnerabilities

CVE-2016-59638.8

IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x before 2.0.2 FP8 does not properly validate updates, which ...

CVE-2021-31968.8

An issue was discovered in Hitachi ID Bravura Security Fabric 11.0.0 through 11.1.3, 12.0.0 through 12.0.2, and 12.1.0. When using...

CVE-2018-16408.8

IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 could allow a remote authenticated attacker to execute arbitrary ...

CVE-2016-03248.8

IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 allows remote authentic...