cbcvebase.
CVE-2016-0214
published 2017-02-08

CVE-2016-0214: IBM Tivoli Endpoint Manager could allow a remote attacker to upload arbitrary files. A remote attacker could exploit this vulnerability to upload a malicious…

PriorityP340high7.8CVSS 3.0
AVLACLPRNUIRSUCHIHAH
EPSS
1.40%
69.1th percentile
IBM Tivoli Endpoint Manager could allow a remote attacker to upload arbitrary files. A remote attacker could exploit this vulnerability to upload a malicious file. The only way that file would be executed would be through a phishing attack to trick an unsuspecting victim to execute the file.

Affected

9 ranges
VendorProductVersion rangeFixed in
ibmbigfix_platform
ibmbigfix_platform
ibmbigfix_platform
ibmbigfix_platform
ibm_corporationbigfix_platform
ibm_corporationbigfix_platform
ibm_corporationbigfix_platform
ibm_corporationbigfix_platform
sambasamba>= 0 < 2:4.1.6+dfsg-1ubuntu2.14.04.132:4.1.6+dfsg-1ubuntu2.14.04.13

CVSS provenance

nvdv3.07.8HIGHCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv5.1MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.