CVE-2016-0296Log File Information Exposure in Corporation Bigfix Platform

CWE-532Log File Information ExposureCWE-327Use of a Broken or Risky Cryptographic Algorithm4 documents4 sources
Severity
3.3LOWNVD
EPSS
0.0%
top 85.46%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Corporation Bigfix PlatformIBM Bigfix Platform
Timeline
PublishedFeb 1
Latest updateJan 16

Description

IBM Tivoli Endpoint Manager - Mobile Device Management (MDM) stores potentially sensitive information in log files that could be available to a local user.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages2 packages

NVDibm/bigfix_platform4 versions+3
CVEListV5ibm_corporation/bigfix_platform4 versions+3

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-942g-2qf9-83fp: IBM Tivoli Endpoint Manager - Mobile Device Management (MDM) stores potentially sensitive information in log files that could be available to a local2022-05-17
CVEList
CVE-2016-0296: IBM Tivoli Endpoint Manager - Mobile Device Management (MDM) stores potentially sensitive information in log files that could be available to a local2017-02-01

📋Vendor Advisories

1
Red Hat
openshift: etcd grpc-proxy vulnerable to The Birthday attack against 64-bit block cipher2023-01-16
CVE-2016-0296 — Log File Information Exposure | cvebase