CVE-2016-3016: IBM Security Access Manager for Web processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code…

medium4.4CVSS 3.0

AVNACHPRHUINSUCNIHAN

IBM Security Access Manager for Web processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code, which could allow an authenticated attacker to load malicious code.

Affected

51 ranges· showing 25

Vendor	Product	Version range	Fixed in
ibm	security_access_manager_9.0_firmware	—	—
ibm	security_access_manager_9.0_firmware	—	—
ibm	security_access_manager_9.0_firmware	—	—
ibm	security_access_manager_for_mobile_8.0_firmware	—	—
ibm	security_access_manager_for_mobile_8.0_firmware	—	—
ibm	security_access_manager_for_mobile_8.0_firmware	—	—
ibm	security_access_manager_for_mobile_8.0_firmware	—	—
ibm	security_access_manager_for_mobile_8.0_firmware	—	—
ibm	security_access_manager_for_mobile_8.0_firmware	—	—
ibm	security_access_manager_for_mobile_8.0_firmware	—	—
ibm	security_access_manager_for_mobile_8.0_firmware	—	—
ibm	security_access_manager_for_web_7.0_firmware	—	—
ibm	security_access_manager_for_web_7.0_firmware	—	—
ibm	security_access_manager_for_web_7.0_firmware	—	—
ibm	security_access_manager_for_web_7.0_firmware	—	—
ibm	security_access_manager_for_web_7.0_firmware	—	—
ibm	security_access_manager_for_web_7.0_firmware	—	—
ibm	security_access_manager_for_web_7.0_firmware	—	—
ibm	security_access_manager_for_web_7.0_firmware	—	—
ibm	security_access_manager_for_web_7.0_firmware	—	—
ibm	security_access_manager_for_web_7.0_firmware	—	—
ibm	security_access_manager_for_web_7.0_firmware	—	—
ibm	security_access_manager_for_web_7.0_firmware	—	—
ibm	security_access_manager_for_web_7.0_firmware	—	—
ibm	security_access_manager_for_web_7.0_firmware	—	—

CVSS provenance

nvdv3.04.4MEDIUMCVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N

osv6.2MEDIUM