CVE-2016-2952
Severity
3.7LOW
EPSS
0.3%
top 49.91%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedNov 30
Latest updateMay 17
Description
IBM BigFix Remote Control before 9.1.3 does not enable the HSTS protection mechanism, which makes it easier for remote attackers to obtain sensitive information by leveraging use of HTTP.
CVSS vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 2.2 | Impact: 1.4