CVE-2016-3051

Published on: 06/07/2017 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:27:02 PM UTC

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Certain versions of Security Access Manager 9.0 Firmware from Ibm contain the following vulnerability:

IBM Security Access Manager for Web 9.0.0 could allow an authenticated user to access some privileged functionality of the server. IBM X-Force ID: 114714.

  • CVE-2016-3051 has been assigned by [email protected] to track the vulnerability - currently rated as MEDIUM severity.
  • Affected Vendor/Software: IBM - Security Access Manager version 9.0.0.1
  • Affected Vendor/Software: IBM - Security Access Manager version 9.0.0
  • Affected Vendor/Software: IBM - Security Access Manager version 9.0.1.0
  • Affected Vendor/Software: IBM - Security Access Manager version 9.0.2.0

CVSS3 Score: 4.3 - MEDIUM

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
NETWORK LOW LOW NONE
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
UNCHANGED NONE LOW NONE

CVSS2 Score: 4 - MEDIUM

Access
Vector
Access
Complexity
Authentication
NETWORK LOW SINGLE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
NONE PARTIAL NONE

CVE References

Description Tags Link
Security Bulletin: IBM Security Access Manager appliances are affected by a security vulnerability (CVE-2016-3051) Patch
Vendor Advisory
www.ibm.com
text/html
URL Logo CONFIRM www.ibm.com/support/docview.wss?uid=swg21995724
IBM Security Access Manager Appliance Unspecified Flaw Lets Remote Authenticated Users Gain Elevated Privileges - SecurityTracker www.securitytracker.com
text/html
URL Logo SECTRACK 1038615
Malformed Request Third Party Advisory
VDB Entry
cve.report (archive)
text/html
URL Logo BID 98912
IBM X-Force Exchange VDB Entry
Vendor Advisory
exchange.xforce.ibmcloud.com
text/html
URL Logo MISC exchange.xforce.ibmcloud.com/vulnerabilities/114714

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
Operating
System
IbmSecurity Access Manager 9.0 FirmwareAllAllAllAll
Operating
System
IbmSecurity Access Manager 9.0 FirmwareAllAllAllAll
  • cpe:2.3:o:ibm:security_access_manager_9.0_firmware:*:*:*:*:*:*:*:*:
  • cpe:2.3:o:ibm:security_access_manager_9.0_firmware:*:*:*:*:*:*:*:*: