CVE-2016-0297Sensitive Information Exposure in Corporation Bigfix Platform

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
3.7LOWNVD
EPSS
0.2%
top 60.01%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Corporation Bigfix PlatformIBM Bigfix Platform
Timeline
PublishedFeb 1
Latest updateMay 17

Description

IBM Tivoli Endpoint Manager - Mobile Device Management (MDM) could allow a remote attacker to obtain sensitive information due to a missing HTTP Strict-Transport-Security Header through man in the middle techniques.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 2.2 | Impact: 1.4

Affected Packages2 packages

NVDibm/bigfix_platform4 versions+3
CVEListV5ibm_corporation/bigfix_platform4 versions+3

🔴Vulnerability Details

2
GHSA
GHSA-5jpj-wxw3-jrpj: IBM Tivoli Endpoint Manager - Mobile Device Management (MDM) could allow a remote attacker to obtain sensitive information due to a missing HTTP Stric2022-05-17
CVEList
CVE-2016-0297: IBM Tivoli Endpoint Manager - Mobile Device Management (MDM) could allow a remote attacker to obtain sensitive information due to a missing HTTP Stric2017-02-01
CVE-2016-0297 — Sensitive Information Exposure | cvebase