CVE-2016-5943

CWE-284Improper Access Control4 documents4 sources
Severity
5.4MEDIUM
EPSS
0.1%
top 70.77%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Spectrum Control
Timeline
PublishedSep 26
Latest updateMay 17

Description

IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2.x before 5.2.11 allows remote authenticated users to bypass intended access restrictions, and read task details or edit properties, via unspecified vectors.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.5

Affected Packages1 packages

NVDibm/spectrum_control16 versions+15

Patches

Patch: www-01.ibm.comPatch: www-01.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-h3g4-q7jg-pp54: IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 52022-05-17
CVEList
CVE-2016-5943: IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 52016-09-26
CVE-2016-5943 (MEDIUM CVSS 5.4) | IBM Spectrum Control (formerly Tivo | cvebase.io