CVE-2016-2861

CWE-200Information Exposure3 documents3 sources
Severity
3.7LOW
EPSS
0.2%
top 54.64%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Websphere Extreme Scale
Timeline
PublishedJul 2
Latest updateMay 17

Description

IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3, 7.1.1 before 7.1.1.1, 8.5 before 8.5.0.3, and 8.6 before 8.6.0.8 does not properly encrypt data, which makes it easier for remote attackers to obtain sensitive information by sniffing the network.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 2.2 | Impact: 1.4

Affected Packages1 packages

NVDibm/websphere_extreme_scale15 versions+14

Patches

Patch: www-01.ibm.comPatch: www-01.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-g27v-p28h-wj6h: IBM WebSphere eXtreme Scale 72022-05-17
CVEList
CVE-2016-2861: IBM WebSphere eXtreme Scale 72016-07-02
CVE-2016-2861 (LOW CVSS 3.7) | IBM WebSphere eXtreme Scale 7.1.0 b | cvebase.io