CVE-2016-0332

CWE-2543 documents3 sources
Severity
9.8CRITICAL
EPSS
0.4%
top 42.13%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Security Identity Manager Virtual Appliance
Timeline
PublishedJan 12
Latest updateMay 14

Description

IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 do not properly restrict failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force approach. IBM X-Force ID: 111695.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

Patches

Patch: www-01.ibm.comPatch: www-01.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-v43g-m96h-3578: IBM Security Identity Manager (ISIM) Virtual Appliance 72022-05-14
CVEList
CVE-2016-0332: IBM Security Identity Manager (ISIM) Virtual Appliance 72018-01-12
CVE-2016-0332 (CRITICAL CVSS 9.8) | IBM Security Identity Manager (ISIM | cvebase.io