CVE-2016-5979Corporation Distributed Marketing vulnerability

CWE-2643 documents3 sources
Severity
2.7LOWNVD
EPSS
0.2%
top 52.65%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Corporation Distributed MarketingIBM Distributed Marketing
Timeline
PublishedMay 15
Latest updateMay 17

Description

IBM Distributed Marketing 8.6, 9.0, and 10.0 could allow a privileged authenticated user to create an instance that gets created with security profile not valid for the templates, that results in the new instance not accessible for the intended user. IBM X-Force ID: 116379.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:LExploitability: 1.2 | Impact: 1.4

Affected Packages2 packages

NVDibm/distributed_marketing27 versions+26
CVEListV5ibm_corporation/distributed_marketing8.6, 9.0, 9.1, 9.1.1, 9.1.2, 10.0

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-rq24-45qx-qfx2: IBM Distributed Marketing 82022-05-17
CVEList
CVE-2016-5979: IBM Distributed Marketing 82017-05-15
CVE-2016-5979 — LOW severity | cvebase