CVE-2016-0338

CWE-200 — Information Exposure3 documents3 sources

Severity

6.2MEDIUM

EPSS

0.1%

top 84.41%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Security Identity Manager Adapter

Timeline

PublishedJul 15

Latest updateMay 17

Description

IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 allows local users to discover cleartext passwords by (1) reading a configuration file or (2) examining a process.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.5 | Impact: 3.6

Affected Packages1 packages

▶NVDibm/security_identity_manager_adapter6 versions+5

🔴Vulnerability Details

GHSA

GHSA-686q-p4vq-rq82: IBM Security Identity Manager (ISIM) Virtual Appliance 7↗2022-05-17

▶

CVEList

CVE-2016-0338: IBM Security Identity Manager (ISIM) Virtual Appliance 7↗2016-07-15

▶