IBM BigFix Inventory 9.0

CPE Details

IBM BigFix Inventory 9.0
ibm
bigfix_inventory
9.0
2019-10-04
12h45 +00:00
2019-10-04
12h45 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:ibm:bigfix_inventory:9.0:*:*:*:*:*:*:*

Informations

Vendor

ibm

Product

bigfix_inventory

Version

9.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2016-8964 2017-07-13 15h00 +00:00 IBM BigFix Inventory v9 9.2 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 118853.
9.8
Critical
CVE-2016-8962 2017-04-26 15h00 +00:00 IBM BigFix Inventory 9.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 118851.
5.9
Medium
CVE-2016-8963 2017-02-01 21h00 +00:00 IBM BigFix Inventory v9 stores potentially sensitive information in log files that could be read by a local user.
5.5
Medium
CVE-2016-8961 2017-02-01 19h00 +00:00 IBM BigFix Inventory v9 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim.
6.1
Medium