CVE-2016-2951
Severity
3.7LOW
EPSS
0.1%
top 65.40%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedNov 30
Latest updateMay 17
Description
IBM BigFix Remote Control before 9.1.3 does not properly set the default encryption strength, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and performing calculations on encrypted data.
CVSS vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 2.2 | Impact: 1.4