CVE-2016-0394

CWE-2753 documents3 sources
Severity
3.3LOW
EPSS
0.0%
top 84.71%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
IBM Corporation Integration BUSIBM Integration BUSIBM Websphere Message Broker
Timeline
PublishedFeb 1
Latest updateMay 17

Description

IBM Integration Bus and WebSphere Message broker sets incorrect permissions for an object that could allow a local attacker to manipulate certain files.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages3 packages

NVDibm/integration_bus4 versions+3
CVEListV5ibm_corporation/integration_bus5 versions+4

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-5hcp-4cp6-w924: IBM Integration Bus and WebSphere Message broker sets incorrect permissions for an object that could allow a local attacker to manipulate certain file2022-05-17
CVEList
CVE-2016-0394: IBM Integration Bus and WebSphere Message broker sets incorrect permissions for an object that could allow a local attacker to manipulate certain file2017-02-01
CVE-2016-0394 (LOW CVSS 3.3) | IBM Integration Bus and WebSphere M | cvebase.io