CVE-2016-2930

CWE-284 — Improper Access Control5 documents4 sources

Severity

7.5HIGH

EPSS

0.3%

top 49.93%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Corporation Bigfix Remote Control IBM Bigfix Remote Control

Timeline

PublishedMay 3

Latest updateMay 17

Description

IBM BigFix Remote Control 9.1.3 could allow a remote attacker to perform actions reserved for an administrator without authentication. IBM X-Force ID: 5512.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

▶NVDibm/bigfix_remote_control9.1.3

▶CVEListV5ibm_corporation/bigfix_remote_control9.1.3

Patches

Patch: www.ibm.com ↗Patch: www.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-w593-rxrh-7r84: IBM BigFix Remote Control 9↗2022-05-17

▶

CVEList

CVE-2016-2930: IBM BigFix Remote Control 9↗2017-05-03

▶

💥Exploits & PoCs

Exploit-DB

Adobe Flash Player 24.0.0.186 - 'ActionGetURL2' Out-of-Bounds Memory Corruption (2)↗2017-01-11

▶

Exploit-DB

Adobe Flash Player 24.0.0.186 - 'ActionGetURL2' Out-of-Bounds Memory Corruption (1)↗2017-01-11

▶