CyberSec.Space Logo
Back to CVE Browser

CVE-2016-0332

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0960%
EPSS Percentile23.15th
PublishedJan 12, 2018
Last ModifiedNov 21, 2024

Vulnerability Description

IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 do not properly restrict failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force approach. IBM X-Force ID: 111695.

Affected Platforms (CPE)

πŸ“¦
Ibm

Security Identity Manager Virtual Appliance

= 7.0.0.0
πŸ“¦
Ibm

Security Identity Manager Virtual Appliance

= 7.0.0.1
πŸ“¦
Ibm

Security Identity Manager Virtual Appliance

= 7.0.0.2
πŸ“¦
Ibm

Security Identity Manager Virtual Appliance

= 7.0.0.3
πŸ“¦
Ibm

Security Identity Manager Virtual Appliance

= 7.0.1.0

References & Advisories

πŸ”— http://www-01.ibm.com/support/docview.wss?uid=swg21981438
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/111695
πŸ”— http://www-01.ibm.com/support/docview.wss?uid=swg21981438
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/111695

Related Vulnerabilities

CVE-2016-59649.8

IBM Security Privileged Identity Manager Virtual Appliance version 2.0.2 uses an inadequate account lockout setting that could all...

CVE-2018-16408.8

IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 could allow a remote authenticated attacker to execute arbitrary ...

CVE-2016-59638.8

IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x before 2.0.2 FP8 does not properly validate updates, which ...

CVE-2016-03248.8

IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 allows remote authentic...