CyberSec.Space Logo
CVEブラウザに戻る

CVE-2016-0332

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0960%
EPSS Percentile23.15th
Published2018年1月12日
Last Modified2024年11月21日

Vulnerability Description

IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 do not properly restrict failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force approach. IBM X-Force ID: 111695.

Affected Platforms (CPE)

📦
Ibm

Security Identity Manager Virtual Appliance

= 7.0.0.0
📦
Ibm

Security Identity Manager Virtual Appliance

= 7.0.0.1
📦
Ibm

Security Identity Manager Virtual Appliance

= 7.0.0.2
📦
Ibm

Security Identity Manager Virtual Appliance

= 7.0.0.3
📦
Ibm

Security Identity Manager Virtual Appliance

= 7.0.1.0

References & Advisories

🔗 http://www-01.ibm.com/support/docview.wss?uid=swg21981438
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/111695
🔗 http://www-01.ibm.com/support/docview.wss?uid=swg21981438
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/111695

関連する脆弱性情報

CVE-2016-59649.8

IBM Security Privileged Identity Manager Virtual Appliance version 2.0.2 uses an inadequate account lockout setting that could all...

CVE-2018-16408.8

IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 could allow a remote authenticated attacker to execute arbitrary ...

CVE-2016-59638.8

IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x before 2.0.2 FP8 does not properly validate updates, which ...

CVE-2016-03248.8

IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 allows remote authentic...